Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/06/18 11:52 a.m.6 views

WordPress Smart Notification Plugin <= 10.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Smart Notification versions = 10.3...

7.1CVSS5.9AI score0.00215EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/03/19 8:34 p.m.8 views

GHSA-22Q5-9PHM-744V XWiki allows unregistered users to access private pages information through REST endpoint

Impact Protected pages are listed when requesting the REST endpoints /rest/wikis/wikiName/pages even if the user doesn't have view rights on them. It's particularly true if the entire wiki is protected with "Prevent unregistered user to view pages": the endpoint would still list the pages of the...

8.7CVSS6.2AI score0.00906EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/03/19 5:36 p.m.11 views

CVE-2025-29925 XWiki allows unregistered users to access private pages information through REST endpoint

XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, protected pages are listed when requesting the REST endpoints /rest/wikis/wikiName/pages even if the user doesn't have view rights on them. It's particularly true if the entire wiki is protected with "Prevent...

8.7CVSS6.3AI score0.00906EPSS
Exploits1References5
OSV
OSV
added 2024/05/31 8:15 a.m.3 views

CVE-2024-5524

Information exposure vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows unregistered users to access all internal links of the application without providing any credentials...

5.3CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.4 views

Astrotalks Information Disclosure Vulnerability

Astrotalks is a free online astrological prediction website from Astrotalks India. An information disclosure vulnerability exists in Astrotalks version 10/03/2023, which stems from allowing unregistered users to access all internal links of the application without providing any credentials...

5.3CVSS6.3AI score0.00309EPSS
Exploits0References2
Rows per page
Query Builder