Lucene search
K

2898 matches found

Nuclei
Nuclei
added yesterday25 views

WordPress StageShow <5.0.9 - Open Redirect

WordPress StageShow plugin before 5.0.9 contains an open redirect vulnerability in the Redirect function in stageshowredirect.php. A remote attacker can redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the url parameter. id: CVE-2015-5461 info: name:...

6.4CVSS6.2AI score0.06283EPSS
Exploits2References5
NVD
NVD
added 2 days ago13 views

CVE-2026-56259

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS0.00268EPSS
Exploits0References2
CVE
CVE
added 5 days ago14 views

CVE-2026-59721

Hoppscotch (open source API development ecosystem) contains a Rooted Command Execution risk before version 2026.6.0 due to the updateInfraConfigs GraphQL mutation in admin/infra.resolver.ts accepting an attacker-controlled MAILER_SMTP_URL. The validateSMTPUrl in utils.ts permits path, query, or f...

7.2CVSS6.2AI score0.00518EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-14500 Bulk Order Update for WooCommerce <= 1.6 - Unauthenticated Arbitrary File Read via 'csv_url' Parameter

The Bulk Order Update for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 1.6. This is due to the bouwfetchcsvdata AJAX handler being registered on the wpajaxnopriv hook with no capability or nonce check, and passing the attacker-supplied...

5.3CVSS0.00333EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42175

The Bulk Order Update for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 1.6. This is due to the bouwfetchcsvdata AJAX handler being registered on the wpajaxnopriv hook with no capability or nonce check, and passing the attacker-supplied...

5.3CVSS6.1AI score0.00333EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-14244 Jssor Slider by jssor.com <= 3.1.24 - Unauthenticated Arbitrary File Read via 'url' Parameter

The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

7.5CVSS0.00692EPSS
Exploits0References7
NVD
NVD
added 2026/07/06 11:16 a.m.9 views

CVE-2025-8591

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 10:16 a.m.32 views

CVE-2025-8591 Reflected Cross-Site Scripting via URL Parameter in Multiple WSO2 Products Enables UI Modification

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 10:16 a.m.6 views

CVE-2025-8591

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS6AI score0.00161EPSS
Exploits0References2Affected Software8
CVE
CVE
added 2026/07/06 10:16 a.m.16 views

CVE-2025-8591

The CVE-2025-8591 entry describes a reflected cross-site scripting flaw in multiple WSO2 products, triggered by reflecting user-supplied input from a URL parameter without sufficient output encoding. The vulnerability allows an attacker to cause the user’s browser to redirect to a malicious site,...

6.1CVSS6AI score0.00161EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/03 4:30 a.m.38 views

CVE-2026-11397 WP Import Export Lite <= 3.9.30 - Authenticated (Administrator+) Server-Side Request Forgery via 'file_url' Parameter

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS0.00235EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 4:13 p.m.6 views

EUVD-2026-41061

Guardian language-system passes the name GET parameter directly into an unsanitized SQL query in designer.php line 124: SELECT FROM complex WHERE name='".$GET'name'."'. An authenticated attacker can perform error-based SQL injection to extract database contents...

9.8CVSS5.8AI score0.00373EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 8:54 a.m.6 views

EUVD-2026-40271

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

5.1CVSS5.9AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 12:16 p.m.8 views

CVE-2026-13560

A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 10:45 a.m.35 views

CVE-2026-13560 Edimax EW-7478APC POST Request formAccept os command injection

A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...

6.5CVSS0.01158EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-12100

The URL Preview plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0 via the 'url' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be use...

7.2CVSS0.00281EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:33 a.m.10 views

CVE-2026-12095

The CVE-2026-12095 entry concerns the WordPress plugin Kargo Takip (versions up to 1.2). It describes an unauthenticated Server-Side Request Forgery (SSRF) via the api_url parameter, enabling an attacker to cause the application to make web requests to arbitrary locations from within the web app....

7.2CVSS6AI score0.0029EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.7 views

CVE-2026-12100

The URL Preview plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0 via the 'url' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be use...

7.2CVSS5.9AI score0.00281EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:33 a.m.16 views

CVE-2026-12100

CVE-2026-12100 affects the WordPress URL Preview plugin. It is vulnerable to unauthenticated Server-Side Request Forgery via the url parameter in all versions up to and including 1.0. An unauthenticated attacker can cause the web application to issue requests to arbitrary locations from the web a...

7.2CVSS5.9AI score0.00281EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51672

Name of the Vulnerable Software and Affected Versions Kargo Takip versions prior to 1.3 Description The Kargo Takip plugin for WordPress contains a Server-Side Request Forgery SSRF issue. This allows unauthenticated attackers to initiate web requests to arbitrary locations from the web applicatio...

7.2CVSS5.9AI score0.0029EPSS
Exploits0References11
Rows per page
Query Builder