Lucene search
K

31 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/04/23 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-31918

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS5.2AI score0.00425EPSS
In wildExploits0References3
NVD
NVD
added 2025/10/22 9:15 a.m.5 views

CVE-2025-11870

The Simple Business Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'simplebusinessdata' shortcode attributes in all versions up to, and including, 1.0.1. This is due to the plugin not properly sanitizing user input or escaping output when embedding the type attribute...

6.4CVSS0.00176EPSS
Exploits0References2
CVE
CVE
added 2025/10/22 8:27 a.m.17 views

CVE-2025-11870

CVE-2025-11870: The Simple Business Data WordPress plugin (simple-business-data) is vulnerable to stored XSS in all versions up to 1.0.1 via the simple_business_data shortcode attributes, where unsanitized input is embedded into the class attribute of rendered HTML. Exploitation requires contribu...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/22 8:27 a.m.3 views

CVE-2025-11870 Simple Business Data <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Simple Business Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'simplebusinessdata' shortcode attributes in all versions up to, and including, 1.0.1. This is due to the plugin not properly sanitizing user input or escaping output when embedding the type attribute...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 8:27 a.m.16 views

CVE-2025-11870 Simple Business Data <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Simple Business Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'simplebusinessdata' shortcode attributes in all versions up to, and including, 1.0.1. This is due to the plugin not properly sanitizing user input or escaping output when embedding the type attribute...

6.4CVSS0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 8:27 a.m.3 views

EUVD-2025-35332

The Simple Business Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'simplebusinessdata' shortcode attributes in all versions up to, and including, 1.0.1. This is due to the plugin not properly sanitizing user input or escaping output when embedding the type attribute...

6.4CVSS4.6AI score0.00176EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress plugin Simple Business Data 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.9AI score0.00176EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/21 11:53 p.m.5 views

WordPress Simple Business Data plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin Simple Business Data versions = 1.0.1...

6.4CVSS5.7AI score0.00176EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45435

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27814

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00425EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.5 views

CVE-2025-48162

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Reflected XSS.This issue affects Simple Business Directory Pro: from n/a through = 15.5.1...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.8 views

CVE-2025-53580

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS0.00345EPSS
Exploits1References1
CVE
CVE
added 2025/08/20 8:3 a.m.18 views

CVE-2025-53580

CVE-2025-53580 affects WordPress plugin Simple Business Directory Pro (versions before 15.6.9). Root cause: incorrect privilege assignment enabling unauthenticated privilege escalation. CVSS 3.1 vector: Network, Low attack complexity, Privileges Required: NONE; Impact: Confidentiality/Integrity/A...

9.8CVSS5.9AI score0.00345EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.15 views

CVE-2025-53580 WordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS0.00345EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.2 views

WordPress plugin Simple Business Directory Pro 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.7 views

PT-2025-33989 · Unknown · Simple Business Directory Pro

Name of the Vulnerable Software and Affected Versions: Simple Business Directory Pro affected versions not specified Description: An incorrect privilege assignment issue exists in Simple Business Directory Pro, allowing for privilege escalation. Recommendations: At the moment, there is no...

9.8CVSS6.2AI score0.00345EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.4 views

PT-2025-33920 · Unknown · Simple Business Directory Pro

Name of the Vulnerable Software and Affected Versions: Simple Business Directory Pro versions through 15.5.1 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Reflected Cross-site Scripting XSS. Recommendations: Update Simple...

7.1CVSS6.1AI score0.00213EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.6 views

CVE-2025-31918

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS5.9AI score0.00425EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 1:15 p.m.5 views

CVE-2025-31918

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS0.00425EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/23 12:44 p.m.4 views

CVE-2025-31918 WordPress Simple Business Directory Pro plugin < 15.6.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS5.9AI score0.00425EPSS
Exploits0References1
Rows per page
Query Builder