Lucene search
K

109 matches found

NVD
NVD
added yesterday4 views

CVE-2026-57369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Builder themify-builder allows Reflected XSS.This issue affects Themify Builder: from n/a through = 7.7.4...

7.1CVSS0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57369 WordPress Themify Builder plugin <= 7.7.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Builder themify-builder allows Reflected XSS.This issue affects Themify Builder: from n/a through = 7.7.4...

7.1CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57369

CVE-2026-57369 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Themify Builder (versions up to and including 7.7.4). The issue arises from improper neutralization of user input during web page generation, enabling an attacker to inject script via crafted input that...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday43 views

WordPress Themify Builder < 7.5.8 - Open Redirect

The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...

6.1CVSS6.1AI score0.00823EPSS
Exploits2References2
NVD
NVD
added 3 days ago7 views

CVE-2026-15096

The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Map Module 'bwidthmap' Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

6.4CVSS0.00193EPSS
Exploits0References5
NVD
NVD
added 3 days ago12 views

CVE-2026-15097

The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'heightslider' Slider Module Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00201EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43139

The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Map Module 'bwidthmap' Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

6.4CVSS6.2AI score0.00193EPSS
Exploits0References5
CVE
CVE
added 3 days ago9 views

CVE-2026-15096

The CVE concerns the Themify Builder WordPress plugin. A Stored Cross-Site Scripting (XSS) flaw exists in the Map Module’s b_width_map field across all versions up to 7.7.6, caused by insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or hig...

6.4CVSS6.2AI score0.00193EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-15096 Themify Builder <= 7.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Map Module 'b_width_map' Field

The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Map Module 'bwidthmap' Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

6.4CVSS0.00193EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43132

The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'heightslider' Slider Module Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.2AI score0.00201EPSS
Exploits0References6
CVE
CVE
added 3 days ago10 views

CVE-2026-15097

CVE-2026-15097 affects Themify Builder for WordPress (up to version 7.7.6). The issue is a Stored Cross-Site Scripting via the height_slider Slider Module Field caused by insufficient input sanitization and output escaping, exploitable by authenticated users with contributor-level access and high...

6.4CVSS6.2AI score0.00201EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-57391

Name of the Vulnerable Software and Affected Versions Themify Builder versions prior to 7.7.7 Description Insufficient input sanitization and output escaping in the Map Module allow authenticated attackers with contributor-level access and above to perform Stored Cross-Site Scripting. This is...

6.4CVSS6.2AI score0.00193EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-57392

Name of the Vulnerable Software and Affected Versions Themify Builder versions prior to 7.7.7 Description Stored Cross-Site Scripting occurs due to insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts...

6.4CVSS6.2AI score0.00201EPSS
Exploits0References9
Patchstack
Patchstack
added last week5 views

WordPress Themify Builder plugin <= 7.7.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Themify Builder versions = 7.7.4...

7.1CVSS5.9AI score0.00251EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.27 views

EUVD-2024-22235

Malicious code in bioql PyPI...

8.8CVSS6.1AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-45908

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25286

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30960

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00304EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48688

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53014

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00449EPSS
Exploits0References1
Rows per page
Query Builder