Lucene search
K

22 matches found

CVE
CVE
added 6 days ago14 views

CVE-2026-54833

CVE-2026-54833 concerns the WordPress Enable CORS plugin

7.4CVSS5.8AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/25 9:8 p.m.21 views

CVE-2026-24545 WordPress QR Redirector plugin <= 2.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3...

4.3CVSS0.002EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 4:16 p.m.4 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6AI score0.00492EPSS
Exploits1References5
NVD
NVD
added 2026/01/20 4:16 p.m.8 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS0.00492EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.10 views

PT-2026-3152

Name of the Vulnerable Software and Affected Versions Laravel Valet versions 1.1.4 through 2.0.3 Description Laravel Valet versions 1.1.4 to 2.0.3 have a local privilege escalation issue. An attacker can modify the valet command to execute arbitrary code with root permissions without needing...

8.4CVSS6AI score0.00183EPSS
Exploits0References6
CVE
CVE
added 2025/12/24 1:10 p.m.8 views

CVE-2025-67628

CVE-2025-67628 is an XSS vulnerability described as an improper neutralization of input during web page generation in the WordPress plugin Review Disclaimer – AMP-MODE. Affected range is Review Disclaimer: from n/a through

5.9CVSS5.6AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53244

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AMP-MODE Review Disclaimer review-disclaimer allows Stored XSS.This issue affects Review Disclaimer: from n/a through = 2.0.3...

5.4CVSS6AI score0.00172EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.9 views

CVE-2025-67561

Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through = 2.0.3...

5.4CVSS0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-32605

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.2 views

WordPress plugin Multi CryptoCurrency Payments SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

9.3CVSS9AI score0.00284EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.4 views

PT-2025-4955 · Unknown · Wow Best Css Compiler

Name of the Vulnerable Software and Affected Versions: WOW Best CSS Compiler versions prior to 2.0.3 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious script...

7.1CVSS8.9AI score0.00291EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/21 11:22 p.m.6 views

WordPress ContestsWP plugin <= 2.0.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Run Contests, Raffles, and Giveaways with ContestsWP versions = 2.0.3...

6.1CVSS6.3AI score0.00416EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/04 12:0 a.m.5 views

PT-2024-34302 · Unknown · Woocommerce +1

Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint versions n/a through 2.0.2 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with...

10CVSS7.3AI score0.00501EPSS
Exploits0References9
OSV
OSV
added 2023/12/29 9:15 a.m.3 views

CVE-2023-45751

Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...

7.2CVSS7.3AI score0.00577EPSS
Exploits0References1
OSV
OSV
added 2023/11/18 9:15 p.m.2 views

CVE-2023-47672

Cross-Site Request Forgery CSRF vulnerability in Swashata WP Category Post List Widget.This issue affects WP Category Post List Widget: from n/a through 2.0.3...

8.8CVSS5.8AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.10 views

PT-2023-30436 · Microweber · Microweber Cms

Name of the Vulnerable Software and Affected Versions: Microweber CMS versions 2.0.1 through 2.0.2 Description: The issue is related to stored Cross Site Scripting XSS via the profile picture file upload functionality. This allows an attacker to inject malicious scripts into the website,...

5.4CVSS5.2AI score0.0051EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2023/11/06 9:15 a.m.4 views

CVE-2023-45657

A vulnerability in posimyththemes Nexter nexter.This issue affects Nexter: from n/a through = 2.0.3...

9.8CVSS8.5AI score0.01284EPSS
Exploits0References3
OSV
OSV
added 2023/07/26 2:15 p.m.3 views

CVE-2023-39155

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

5.3CVSS5.8AI score0.00426EPSS
Exploits0References2
OSV
OSV
added 2023/05/22 9:15 a.m.2 views

CVE-2023-22688

Cross-Site Request Forgery CSRF vulnerability in Abdul Ibad WP Tabs Slides plugin = 2.0.3 versions...

8.8CVSS7.3AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/10 12:0 a.m.3 views

PT-2022-24957 · Tasklists · Tasklists

Name of the Vulnerable Software and Affected Versions: tasklists versions prior to 2.0.3 Description: The issue allows for Cross-site Scripting XSS where an attacker can create XSS in task content when adding it. There are no known workarounds for this issue. Recommendations: For versions prior t...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
Rows per page
Query Builder