Lucene search
K

1270 matches found

Nuclei
Nuclei
added 2026/06/28 3:8 p.m.249 views

Skype for Business 2019 (SfB) - Blind Server-side Request Forgery

Skype Pre-Auth Server-side Request Forgery SSRF vulnerability id: CVE-2023-41763 info: name: Skype for Business 2019 SfB - Blind Server-side Request Forgery author: hateshape severity: medium description: | Skype Pre-Auth Server-side Request Forgery SSRF vulnerability impact: | Unauthenticated...

5.3CVSS7AI score0.90353EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.7 views

CVE-2009-4741

Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors...

10CVSS6.9AI score0.0197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.5 views

CVE-2020-24003

Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process with the user's privileges to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access...

3.3CVSS6.4AI score0.01164EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.14 views

CVE-2025-13898

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnid' parameter of the ultraskype shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.1AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/06 6:30 a.m.4 views

EUVD-2025-201535

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnid' parameter of the ultraskype shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS4.7AI score0.00201EPSS
Exploits0References6
NVD
NVD
added 2025/12/06 6:15 a.m.4 views

CVE-2025-13898

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnid' parameter of the ultraskype shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00201EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/06 5:49 a.m.3 views

CVE-2025-13898 Ultra Skype Button <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_id' Shortcode Attribute

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnid' parameter of the ultraskype shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS4.8AI score0.00201EPSS
Exploits0References5
CVE
CVE
added 2025/12/06 5:49 a.m.35 views

CVE-2025-13898

The Ultra Skype Button WordPress plugin (Ultra Skype Button, Plugin Slug: ultra-skype-button) is affected by CVE-2025-13898: a Stored Cross-Site Scripting vulnerability in the btn_id attribute of the [ultra_skype] shortcode. Affects all versions up to 1.0. Root cause: insufficient input sanitizat...

6.4CVSS4.8AI score0.00201EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/06 12:0 a.m.4 views

WordPress plugin Ultra Skype Button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00201EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.8 views

PT-2025-49351

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btn id' parameter of the ultra skype shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.00201EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/12/05 11:57 p.m.7 views

WordPress Ultra Skype Button plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'btnid' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Ultra Skype Button versions = 1.0...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-1554

Malware in sbrugna...

6.1CVSS6.3AI score0.02084EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-2068

Malware in sbrugna...

8.5CVSS6.4AI score0.02876EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-16740

Malware in sbrugna...

3.3CVSS4.5AI score0.01164EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-5668

Malware in sbrugna...

4.3CVSS6.4AI score0.02175EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2018-10286

Malware in sbrugna...

5.3CVSS5.6AI score0.0275EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-1410

Malware in sbrugna...

4.6CVSS6.4AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-1805

Malware in sbrugna...

9.3CVSS6.1AI score0.03898EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-3136

Malware in sbrugna...

9.3CVSS6.4AI score0.06914EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-10989

Malware in sbrugna...

7.1CVSS6.4AI score0.0162EPSS
Exploits0References2
Rows per page
Query Builder