Lucene search
K

1414 matches found

RedhatCVE
RedhatCVE
added 2025/10/16 6:33 a.m.9 views

CVE-2025-10406

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

5.5CVSS6.6AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/10/15 6:15 a.m.3 views

CVE-2025-8561

The Ova Advent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS0.00211EPSS
Exploits0References3
NVD
NVD
added 2025/10/15 6:15 a.m.5 views

CVE-2025-10406

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

5.5CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/15 6:0 a.m.5 views

CVE-2025-10406 BlindMatrix e-Commerce < 3.1 - Contributor+ LFI

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 6:0 a.m.2 views

CVE-2025-10406 BlindMatrix e-Commerce < 3.1 - Contributor+ LFI

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

6.2AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 6:0 a.m.4 views

EUVD-2025-34519

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References3
CVE
CVE
added 2025/10/15 6:0 a.m.16 views

CVE-2025-10406

CVE-2025-10406 affects the BlindMatrix e-Commerce WordPress plugin. The vulnerability arises from unvalidated shortcode attributes that are used to build file includes, enabling Local File Inclusion (LFI) when exploited by authenticated users (e.g., contributors). The issue is triggered by genera...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.3 views

PT-2025-42229

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

6.7AI score0.0024EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11380

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-20769

Malware in sbrugna...

5.4CVSS5.4AI score0.03244EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2025/10/04 11:53 a.m.9 views

CVE-2025-9876

The Ird Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irdslider' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-51819

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00534EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-12263

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00649EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-12162

Malicious code in bioql PyPI...

6.8CVSS5.6AI score0.00635EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-51886

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00477EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-51913

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00477EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12541

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00457EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51810

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00478EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2023-12235

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00471EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-12424

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00444EPSS
Exploits2References1
Rows per page
Query Builder