Lucene search
K

221 matches found

Positive Technologies
Positive Technologies
added 2025/10/04 12:0 a.m.5 views

PT-2025-40620

Name of the Vulnerable Software and Affected Versions WordPress Cost Calculator Builder plugin versions through 3.5.32 Description The Cost Calculator Builder plugin for WordPress has a flaw that allows unauthorized data modification. A missing capability check in the get cc orders and update ord...

8.1CVSS6.3AI score0.00286EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-30326

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.0046EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2025-28780

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-59670

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-51425

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00234EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-23232

Malicious code in bioql PyPI...

8.8CVSS6.1AI score0.00277EPSS
Exploits0References1
Circl
Circl
added 2025/10/02 12:32 p.m.1 views

GHSA-P8HW-RFJG-689H

creationtimestamp| type| source ---|---|--- 2025-10-02 12:32:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115304586574138947...

5.8AI score
Exploits0References1
Circl
Circl
added 2025/09/24 7:49 p.m.2 views

GHSA-2JJV-QF24-VFM4

creationtimestamp| type| source ---|---|--- 2025-09-24 19:49:37+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115261005955876055...

5.8AI score
Exploits0References1
Gitee
Gitee
added 2025/09/13 1:2 a.m.127 views

wazuh

This repository is an issue template for Wazuh, a free and open-source platform for threat prevention, detection, and response. The repository contains various templates for reporting bugs, making feature requests, and testing integration and component tests. The templates are organized by...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/30 6:20 p.m.4 views

CVE-2025-58049

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki...

7.5CVSS6.8AI score0.00341EPSS
Exploits1References1
CVE
CVE
added 2025/08/28 5:43 p.m.24 views

CVE-2025-58049

CVE-2025-58049 affects XWiki Platform components where PDF export jobs serialize request context, including cookies, into job status files. The root cause is unencrypted storage of user cookies (potentially exposing credentials) in the permanent data directory after a PDF export completes. Affect...

7.5CVSS6.4AI score0.00341EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/28 5:43 p.m.2 views

CVE-2025-58049 XWiki PDF export jobs store sensitive cookies unencrypted in job statuses

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki...

5.8CVSS6.4AI score0.00341EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/08/28 5:43 p.m.9 views

CVE-2025-58049 XWiki PDF export jobs store sensitive cookies unencrypted in job statuses

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki...

5.8CVSS0.00341EPSS
Exploits1References3
OSV
OSV
added 2025/08/28 3:10 p.m.2 views

GHSA-9M7C-M33F-3429 XWiki PDF export jobs store sensitive cookies unencrypted in job statuses

Impact The PDF export uses a background job that runs on the server-side. Jobs like this have a status that is serialized in the permanent directory when the job is finished. The job status includes the job request. The PDF export job request is initialized, before the job starts, with some conte...

5.8CVSS6.8AI score0.00341EPSS
Exploits1References5
OSV
OSV
added 2025/08/28 7:15 a.m.3 views

MAL-2025-41469 Malicious code in @twork-data-services/checking-account-option-statuses (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Circl
Circl
added 2025/08/27 1:9 p.m.4 views

CVE-2025-9526

creationtimestamp| type| source ---|---|--- 2025-08-27 13:09:13+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115100886714680020...

9CVSS8.7AI score0.01277EPSS
Exploits1References1
Circl
Circl
added 2025/08/25 2:40 p.m.4 views

CVE-2025-29524

creationtimestamp| type| source ---|---|--- 2025-08-25 14:40:55+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115089922710164590...

6.5CVSS6.7AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 6:15 a.m.31 views

CVE-2025-7221

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the giveupdatepaymentstatus function in all versions up to, and including, 4.5.0. This makes it possible for authenticated attackers,...

4.3CVSS0.00227EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/21 5:28 a.m.5 views

CVE-2025-7221 GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation Update

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the giveupdatepaymentstatus function in all versions up to, and including, 4.5.0. This makes it possible for authenticated attackers,...

4.3CVSS6.7AI score0.00227EPSS
Exploits0References3
Circl
Circl
added 2025/08/19 6:39 p.m.4 views

GHSA-HQR4-4GFC-5P2J

creationtimestamp| type| source ---|---|--- 2025-08-19 18:39:17+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115056886214495468...

7.3AI score
Exploits0References1
Rows per page
Query Builder