Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-34577

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00493EPSS
Exploits2References1
NVD
NVD
added 2025/09/09 6:15 a.m.5 views

CVE-2025-9111

The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

3.5CVSS0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:53 a.m.3 views

CVE-2023-1025

The Simple File List WordPress plugin before 6.0.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS6.1AI score0.00442EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:2 p.m.7 views

CVE-2024-6665

The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.7AI score0.00271EPSS
Exploits1References1
OSV
OSV
added 2025/01/27 6:15 a.m.5 views

CVE-2024-13116

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

3.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2024/12/12 6:15 a.m.4 views

CVE-2024-10010

The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS7.3AI score0.00441EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/02/27 8:30 a.m.18 views

CVE-2024-1106 Shariff Wrapper < 4.6.10 - Admin+ Stored XSS

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.3AI score0.00417EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/12/05 4:50 p.m.6 views

CVE-2022-3837 Uji Countdown < 2.3.1 - Admin+ Stored XSS

The Uji Countdown WordPress plugin before 2.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.6AI score0.0047EPSS
Exploits2References1
Rows per page
Query Builder