Lucene search
K

14 matches found

Cvelist
Cvelist
added last week34 views

CVE-2026-57687 WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability

Contributor SQL Injection in Custom Field Template = 2.7.8 versions...

8.5CVSS0.0022EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/10 2:37 p.m.9 views

WordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP Migrate Lite versions = 2.7.8...

4.7CVSS5.3AI score0.00116EPSS
Exploits0Affected Software1
Circl
Circl
added 2026/04/07 3:2 p.m.7 views

CVE-2020-27813

creationtimestamp| type| source ---|---|--- 2026-04-07 15:02:10+00:00| seen| https://t.me/codebysec/9952...

7.5CVSS6.5AI score0.02103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/30 2:32 p.m.4 views

CVE-2025-13790 Scada-LTS cross-site request forgery

A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure...

5.3CVSS6.2AI score0.00225EPSS
Exploits1References5
CVE
CVE
added 2025/10/22 2:32 p.m.11 views

CVE-2025-49939

CVE-2025-49939 concerns the WordPress plugin JetElements For Elementor (component: jet-elements ) with versions up to and including 2.7.8. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. The impact, as stated, i...

6.5CVSS5.9AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress plugin JetElements For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

6.5CVSS5.9AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/12 12:21 p.m.5 views

CVE-2025-40979

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

7CVSS7.8AI score0.0013EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/03 9:14 a.m.5 views

WordPress JetElements For Elementor plugin <= 2.7.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetElements For Elementor versions = 2.7.8...

6.5CVSS6.1AI score0.00203EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/17 12:0 a.m.6 views

PT-2024-8682 · Scada-Lts · Scada-Lts

Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8 Description: A vulnerability has been found in the Message Handler component of Scada-LTS, related to the file /Scada-LTS/app.shtm/alarms/Scada. The manipulation leads to cross-site scripting. The attack can be launche...

5.4CVSS4.1AI score0.00338EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.9 views

PT-2023-20614 · WordPress · Buddyforms

Name of the Vulnerable Software and Affected Versions: BuddyForms WordPress plugin versions prior to 2.7.8 Description: The issue is related to an unauthenticated insecure deserialization problem. An attacker could exploit this to call files using a PHAR wrapper, which deserializes data and calls...

9.8CVSS9.7AI score0.03824EPSS
Exploits5References7
ATTACKERKB
ATTACKERKB
added 2021/08/13 4:15 p.m.2 views

CVE-2021-37693

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additional email...

7.5CVSS5.4AI score0.00833EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/05/25 2:15 p.m.5 views

CVE-2021-29202

A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

6.7CVSS6.1AI score0.00283EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/05 12:0 a.m.4 views

XSS vulnerability in phpok version 4.8.278

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An XSS vulnerability exists in phpok version 4.8.278. The vulnerability stems from insufficient filtering of URL jump parameters, which can be exploited by attackers to obtain...

6AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/02/15 9:4 a.m.2 views

security flaw

The publisher handler for modpython 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...

7.5CVSS5.9AI score0.06465EPSS
Exploits0References4
Rows per page
Query Builder