Lucene search
K

60 matches found

Cvelist
Cvelist
added 2026/06/24 5:33 a.m.31 views

CVE-2026-10091 Email JavaScript Cloak <= 1.03 - Unauthenticated Stored Cross-Site Scripting

The Email JavaScript Cloak plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email' shortcode in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

7.2CVSS0.00264EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:33 a.m.9 views

EUVD-2026-38657

The Email JavaScript Cloak plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email' shortcode in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

7.2CVSS6AI score0.00264EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.5 views

D-Link DIR-645 安全漏洞

The D-Link DIR-645 is a wireless router produced by D-Link Corporation. Versions 1.01, 1.02, and 1.03 of the D-Link DIR-645 contain security vulnerabilities. These vulnerabilities stem from a stack-based buffer overflow vulnerability in the function hedwigcgimain located in the /cgi-bin/hedwig.cg...

9CVSS7.7AI score0.005EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208727

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS6AI score0.00493EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/16 1:27 p.m.25 views

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

5.3CVSS0.00369EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.5 views

CVE-2025-14887

The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's sender settings in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS4.9AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 12:16 p.m.5 views

CVE-2025-14887

The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's sender settings in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS0.00203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1570

Name of the Vulnerable Software and Affected Versions twinklesmtp – Email Service Provider For WordPress plugin versions up to and including 1.03 Description The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is susceptible to Stored Cross-Site Scripting through the...

4.4CVSS5.1AI score0.00203EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.4 views

WordPress plugin twinklesmtp – Email Service Provider For WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

4.4CVSS5.8AI score0.00203EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.5 views

Edimax BR-6208AC 输入验证错误漏洞

The Edimax BR-6208AC is a wireless router from Taiwan, China-based Xunzhou Edimax. An input validation error vulnerability exists in Edimax BR-6208AC version 1.02 and 1.03, which stems from incorrect operation of the parameter wlan-url in the file /goform/formALGSetup, which could lead to an open...

6.1CVSS4.8AI score0.00221EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.3 views

Edimax BR-6208AC 命令注入漏洞

The Edimax BR-6208AC is a wireless router from Taiwan, China-based Xunzhou Edimax Corporation. A command injection vulnerability exists in Edimax BR-6208AC version 1.02 and 1.03, which originates from incorrect manipulation of the file /gogorm/formRoute parameter strIp/strMask/strGateway in the...

9.8CVSS7.8AI score0.04442EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/29 7:32 a.m.4 views

CVE-2025-10150

Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...

8.7CVSS7AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/28 12:0 a.m.9 views

SmartLink HW-PN和SmartLink HW-DP 安全漏洞

SmartLink HW-PN and SmartLink HW-DP are both edge gateway products for industrial automation from SmartLink USA. A security vulnerability exists in SmartLink HW-PN version 1.03 and earlier and SmartLink HW-DP version 1.31, which stems from a scan of TCP port 80 could cause the web server to crash...

8.7CVSS6.6AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/28 12:0 a.m.6 views

SmartLink HW-PN和SmartLink HW-DP 安全漏洞

SmartLink HW-PN and SmartLink HW-DP are both edge gateway products for industrial automation from SmartLink USA. A security vulnerability exists in SmartLink HW-PN version 1.03 and earlier and SmartLink HW-DP version 1.31, which stems from improper locking and could result in a memory or resource...

7.2CVSS6.7AI score0.00213EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-4065

Malware in sbrugna...

7.5CVSS7.5AI score0.0132EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4920

Malware in sbrugna...

7.5CVSS6.4AI score0.01236EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.3 views

PT-2025-25230 · Unknown · Mojolicious::Plugin::Csrf

Name of the Vulnerable Software and Affected Versions: Mojolicious::Plugin::CSRF version 1.03 Description: The issue concerns a weak random number source used for generating CSRF tokens. Specifically, the tokens are generated as an MD5 of the process id, the current time, and a single call to the...

7CVSS6.1AI score0.00242EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.7 views

CVE-2023-47654

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in livescore.Bz BZScore – Live Score plugin = 1.03 versions...

6.5CVSS5.6AI score0.00409EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.3 views

D-Link DIR-878 安全漏洞

The D-Link DIR-878 is a wireless router from China's AUO D-Link. An information disclosure vulnerability exists in the D-Link DIR-878 version 1.03, which stems from insufficient protection of sensitive information in the component HTTP POST request handler, and can be exploited by an attacker to...

7.5CVSS5.1AI score0.01386EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/12 12:0 a.m.3 views

WordPress plugin Visual Sound 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS6.5AI score0.00239EPSS
Exploits1References2
Rows per page
Query Builder