Lucene search
K

25 matches found

The Hacker News
The Hacker News
added 2026/04/16 10:30 a.m.9 views

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligen...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.6 views

CVE-2026-32545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.3 views

CVE-2026-32545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

7.1CVSS0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:15 p.m.3 views

CVE-2026-32545 WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:15 p.m.4 views

CVE-2026-32545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
CVE
CVE
added 2026/03/25 4:15 p.m.10 views

CVE-2026-32545

CVE-2026-32545 is a reflected XSS in the Taboola Pixel WordPress plugin (taboola-pixel). The issue stems from improper neutralization of input during web page generation, affecting Taboola Pixel versions

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:15 p.m.28 views

CVE-2026-32545 WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

7.1CVSS0.00146EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Taboola Pixel 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.1CVSS5.7AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-28058

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

5.8AI score0.00146EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/20 1:39 p.m.5 views

WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin Taboola Pixel versions = 1.1.4...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42215

Malicious code in bioql PyPI...

8.8CVSS9AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.7 views

CVE-2023-38398

Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...

8.8CVSS7.1AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2023/10/03 11:15 a.m.3 views

CVE-2023-38398

Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...

8.8CVSS7.3AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2023/10/03 11:15 a.m.18 views

CVE-2023-38398

Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...

8.8CVSS5.8AI score0.0021EPSS
Exploits0References1
Prion
Prion
added 2023/10/03 11:15 a.m.13 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...

6.8CVSS8.8AI score0.0021EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/03 10:16 a.m.10 views

CVE-2023-38398 WordPress Taboola Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...

4.3CVSS7.1AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2023/10/03 10:16 a.m.64 views

CVE-2023-38398

CVE-2023-38398 is a CSRF vulnerability in the WordPress Taboola plugin, affecting versions = 2.0.2.

8.8CVSS6.5AI score0.0021EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/03 12:0 a.m.6 views

PT-2023-26405 · Taboola · Taboola

Name of the Vulnerable Software and Affected Versions: Taboola plugin versions = 2.0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that t...

8.8CVSS8.8AI score0.0021EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2023/10/03 12:0 a.m.11 views

Taboola < 2.0.2 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS7AI score0.0021EPSS
Exploits0Affected Software1
Rows per page
Query Builder