Lucene search
K

5 matches found

CNNVD
CNNVD
added 2025/11/18 12:0 a.m.5 views

WordPress plugin AI Engine 代码问题漏洞

WordPress AI Engine plugin is a WordPress plugin that is mainly used to integrate OpenAI's ChatGPT, MicrosoftAzure and other AI services into a WordPress website, providing chatbots, content generation, image generation and other features. The WordPress AI Engine plugin suffers from a server-side...

6.8CVSS6.3AI score0.00368EPSS
Exploits0References4
OSV
OSV
added 2025/08/21 5:15 p.m.3 views

CVE-2025-55522

Cross-site scripting XSS vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...

6.5CVSS6.2AI score
Exploits0References2
OSV
OSV
added 2021/04/06 8:0 a.m.3 views

UBUNTU-CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS7.1AI score0.03865EPSS
Exploits0References4
OSV
OSV
added 2017/07/07 1:29 p.m.2 views

CVE-2017-2222

Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.01766EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/01/10 8:39 p.m.7 views

rubygem-actionpack: XSS Vulnerability in strip_tags

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...

4.3CVSS7.3AI score0.01977EPSS
Exploits1References4
Rows per page
Query Builder