Lucene search
+L

4 matches found

Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43501

The GNTT Post Title Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in version 1.0 via the title-ticker-slide, title-ticker-fade, and title-ticker-typing shortcodes. This is due to insufficient input sanitization and output escaping on shortcode attributes notably border,...

6.4CVSS6AI score0.00187EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 7:45 a.m.5 views

CVE-2026-4078

The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice in all versions up to and including 1.8.2. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS5.2AI score0.00257EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2025/09/11 5:26 p.m.2 views

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

6.5CVSS6.4AI score0.01063EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.6 views

WordPress plugin WP Login Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS6.3AI score0.00442EPSS
Exploits2References2
Rows per page
Query Builder