Lucene search
K

7 matches found

NVD
NVD
added 2025/11/04 12:15 p.m.14 views

CVE-2025-12045

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...

6.4CVSS0.00218EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/04 11:19 a.m.4 views

EUVD-2025-37757

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...

6.4CVSS4.6AI score0.00218EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2983

Malware in sbrugna...

9.8CVSS9.5AI score0.00986EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/08 8:32 p.m.13 views

CVE-2025-8739 zhenfeng13 My-Blog save cross-site request forgery

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has...

5.3CVSS0.00213EPSS
Exploits1References4
OSV
OSV
added 2025/07/16 6:15 a.m.6 views

CVE-2025-2799

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag-name’ parameter in all versions up to, and including, 3.1.49 due to insufficient input sanitization and output escaping. This makes i...

4.8CVSS5.9AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

WordPress plugin WP Event Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5.8AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.6 views

PT-2024-33262 · WordPress · The Essential Blocks – Page Builder Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress versions up to, and including, 4.5.12 Description: The issue is related to Stored Cross-Site Scripting via the tagName parameter due to insufficie...

6.4CVSS5.9AI score0.00468EPSS
Exploits0References10
Rows per page
Query Builder