Lucene search
K

159 matches found

NVD
NVD
added 2026/06/19 3:16 p.m.16 views

CVE-2026-21768

The compose-rich-editor library v1.0.0-rc14 used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations...

6.3CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 2:50 p.m.35 views

CVE-2026-21768 HCL Verse for Android is susceptible to an injection vulnerability

The compose-rich-editor library v1.0.0-rc14 used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations...

6.3CVSS0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 2:50 p.m.10 views

EUVD-2026-38035

The compose-rich-editor library v1.0.0-rc14 used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations...

6.3CVSS5.8AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 2:50 p.m.4 views

CVE-2026-21768

The compose-rich-editor library v1.0.0-rc14 used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations...

6.3CVSS5.8AI score0.00112EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/19 2:50 p.m.18 views

CVE-2026-21768

CVE-2026-21768 affects the compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android. The vulnerability arises from improper validation of HTML input in the rich text editor, enabling execution of malicious content in certain scenarios. According to NVD, CVSSv3.1 base score is 6.3 (...

6.3CVSS5.8AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50924

Name of the Vulnerable Software and Affected Versions compose-rich-editor version 1.0.0-rc14 Description The compose-rich-editor library, used in HCL Verse for Android for rich text email composition, fails to properly validate HTML input. This lack of validation allows malicious content to be...

6.3CVSS5.8AI score0.00112EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.10 views

CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 6:30 a.m.9 views

EUVD-2026-9780

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.10 views

CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.32 views

CVE-2026-28128 WordPress Verse theme <= 1.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.4 views

CVE-2026-28128 WordPress Verse theme <= 1.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

5.8AI score0.00337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.6 views

CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References2
CVE
CVE
added 2026/03/05 5:54 a.m.15 views

CVE-2026-28128

CVE-2026-28128 is a Local File Inclusion vulnerability in the ThemeREX Verse WordPress theme (Verse) due to improper control of filenames for include/require statements. Affected: Verse versions up to and including 1.7.0. Public sources (NVD/CVEs, Red Hat, CVE/CIRCL, PatchStack, Wordfence) consis...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.10 views

PT-2026-23400

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

5.9AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.10 views

WordPress plugin Verse 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/26 10:33 a.m.5 views

WordPress Verse theme <= 1.7.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Verse versions = 1.7.0...

8.1CVSS5.9AI score0.00337EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/08 1:3 p.m.9 views

CVE-2026-1570

The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.6AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/02/07 9:16 a.m.10 views

CVE-2026-1570

The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/07 8:26 a.m.4 views

CVE-2026-1570

The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.6AI score0.0019EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/07 8:26 a.m.4 views

CVE-2026-1570 Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.0019EPSS
Exploits0References2
Rows per page
Query Builder