Lucene search
K

6573 matches found

Nuclei
Nuclei
added 7 hours ago79 views

Uncanny Toolkit for LearnDash - Open Redirection

A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. id: CVE-2023-34020 info: name: Uncanny Toolk...

6.1CVSS6.9AI score0.00963EPSS
Exploits0References3
Nuclei
Nuclei
added 7 hours ago7 views

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

7.1CVSS6.2AI score0.0063EPSS
Exploits0References4
NVD
NVD
added 3 days ago8 views

CVE-2026-2354

The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the uploadextensionfiles function in all versions up to, and including, 1.4.6. The uploadextensionfiles function hooks into WordPress's wpcheckfiletypeandext filter...

8.8CVSS0.00553EPSS
Exploits0References5
CVE
CVE
added 3 days ago7 views

CVE-2026-2354

CVE-2026-2354 affects the Swiss Toolkit For WP WordPress plugin up to version 1.4.6. A flawed file type validation bypass in upload_extension_files() hooks into wp_check_filetype_and_ext and uses strpos() on the filename to validate extensions instead of checking the actual file type. This enable...

8.8CVSS6.5AI score0.00553EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-2354 Swiss Toolkit For WP <= 1.4.6 - Authenticated (Author+) Arbitrary File Upload via upload_extension_files()

The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the uploadextensionfiles function in all versions up to, and including, 1.4.6. The uploadextensionfiles function hooks into WordPress's wpcheckfiletypeandext filter...

8.8CVSS0.00553EPSS
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-15296

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS0.00266EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42803

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS6.1AI score0.00266EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15296

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS6.1AI score0.00266EPSS
Exploits0References4
CVE
CVE
added 4 days ago7 views

CVE-2026-15296

The CVE-2026-15296 entry identifies a Stored Cross-Site Scripting vulnerability in the affiliate-toolkit – WP Affiliate Plugin with Amazon for WordPress, exploitable via the atkp_product shortcode in all versions

6.4CVSS6.1AI score0.00266EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-15296 affiliate-toolkit – WP Affiliate Plugin with Amazon <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS0.00266EPSS
Exploits0References3
CVE
CVE
added 6 days ago21 views

CVE-2026-55878

The CVE-2026-55878 issue affects Symfony UX Toolkit. Affected: Symfony UX versions 2.32.0–2.36.0 and 3.0.0–3.1.x (pre-2.36.1/3.2.0). The ux:install console command copies files from a recipe kit using paths listed in copy-files; because Path::isRelative() treats paths like ../../../etc as relativ...

7.8CVSS6AI score0.00146EPSS
Exploits0References4
Wolfi
Wolfi
added 6 days ago6 views

GHSA-P4GQ-832X-FM9V vulnerabilities

Vulnerabilities for packages: py3-nltk...

5.9AI score
Exploits0
Wolfi
Wolfi
added 6 days ago7 views

CVE-2026-12243 vulnerabilities

Vulnerabilities for packages: py3-nltk...

7.5CVSS7AI score0.0051EPSS
Exploits1
Chainguard
Chainguard
added 6 days ago7 views

CVE-2026-54293 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.13-sdk, apache-beam-python-3.12-sdk, py3-nltk...

7.5CVSS6.1AI score0.00378EPSS
Exploits1
Fedora
Fedora
added 2026/07/06 2:55 p.m.20 views

[SECURITY] Fedora 44 Update: mir-2.26.0-2.fc44

Mir is a Wayland display server toolkit for Linux systems, with a focus on efficiency, robust operation, and a well-defined driver model...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/07/06 8:46 a.m.4 views

CVE-2026-12252

A flaw was found in the nltk library. Several Stanford interface classes within nltk are susceptible to arbitrary code execution. This vulnerability allows a local attacker to execute malicious code by providing an untrusted Java Archive JAR file, as the system lacks integrity verification for...

7.8CVSS6.4AI score0.00158EPSS
Exploits1References4
OSV
OSV
added 2026/07/04 2:16 a.m.11 views

DEBIAN-CVE-2026-12252

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

7.8CVSS7.7AI score0.00158EPSS
Exploits1References1
OSV
OSV
added 2026/07/04 2:16 a.m.3 views

UBUNTU-CVE-2026-12252

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

7.8CVSS7.7AI score0.00158EPSS
Exploits1References3
EUVD
EUVD
added 2026/07/04 12:58 a.m.9 views

EUVD-2026-41656

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

10CVSS7.8AI score0.00809EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2026/07/04 12:58 a.m.5 views

CVE-2026-12252

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

7.8CVSS7.7AI score0.00158EPSS
Exploits1References2
Rows per page
Query Builder