Lucene search
+L

126 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-56067

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS0.00236EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.21 views

CVE-2026-56067

CVE-2026-56067 affects WordPress JetSmartFilters plugin versions up to and including 3.8.3. The vulnerability is an unauthenticated SQL Injection in JetSmartFilters (plugin/WP integration). The root cause, as stated in the sources, is a SQL injection flaw that can be exploited without authenticat...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.37 views

CVE-2026-56067 WordPress JetSmartFilters plugin <= 3.8.3 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39720

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.31 views

CVE-2026-39006

An issue in SNMP4J-Agent 3.8.3 allows a remote attacker to execute arbitrary code via the snmp4jCfgStoragePath component...

0.00515EPSS
Exploits1References1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-42010 affecting package gnutls for versions less than 3.8.3-11

CVE-2026-42010 affecting package gnutls for versions less than 3.8.3-11. A patched version of the package is available...

9.8CVSS5.4AI score0.0105EPSS
Exploits0
Patchstack
Patchstack
added 2026/05/01 9:15 a.m.8 views

WordPress WP Post Author – Author Box, Multiple Authors, Guest Authors & Custom Avatars plugin <= 3.8.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin WP Post Author versions = 3.8.3...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/29 11:3 p.m.6 views

CVE-2026-5012

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

7.5CVSS5.6AI score0.01381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/29 11:3 p.m.6 views

CVE-2026-5014

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS5.4AI score0.00449EPSS
Exploits0References1
NVD
NVD
added 2026/03/28 10:15 p.m.7 views

CVE-2026-5016

A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...

7.5CVSS0.003EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/28 9:45 p.m.35 views

CVE-2026-5016 elecV2 elecV2P URL mock eAxios server-side request forgery

A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...

7.5CVSS0.003EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/28 9:33 p.m.6 views

EUVD-2026-16947

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS5.4AI score0.00449EPSS
Exploits0References6
CVE
CVE
added 2026/03/28 9:0 p.m.27 views

CVE-2026-5014

The CVE-2026-5014 affects elecV2 elecV2P up to version 3.8.3, targeting the path.join operation in the /log/ component of the Wildcard Handler. The issue enables path traversal and can be exploited remotely. Public exploit exists; the project was informed via issue reports but has not responded. ...

6.9CVSS5.6AI score0.00449EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/28 6:30 p.m.2 views

CVE-2026-5011 elecV2 elecV2P JSON webhook runJSFile code injection

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS5.6AI score0.00232EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/28 6:30 p.m.2 views

CVE-2026-5011

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS5.6AI score0.00232EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/28 12:0 a.m.9 views

PT-2026-28730

Name of the Vulnerable Software and Affected Versions elecV2 elecV2P versions through 3.8.3 Description A server-side request forgery condition exists due to manipulation of the req argument within the eAxios function located in the /mock file of the URL Handler component. This allows for remote...

7.5CVSS5.8AI score0.003EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/28 12:0 a.m.8 views

elecV2P 路径遍历漏洞

elecV2P is a network request modification and scheduled task tool developed by the elecV2 individual developer. Versions of elecV2P 3.8.3 and earlier have a path traversal vulnerability. This vulnerability stems from improper handling of parameters in the path.join function of the file/store/:key...

6.9CVSS6.1AI score0.00591EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.6 views

CVE-2026-3955

A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit h...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 8:32 p.m.11 views

CVE-2026-3955

The CVE-2026-3955 entry affects elecV2P up to version 3.8.3. The vulnerable component is the function runJSFile in file source-code/elecV2P-master/webser/wbjs.js of the jsfile Endpoint, with code injection as the underlying issue. Attacker can potentially exploit remotely, and public disclosure o...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References5
OSV
OSV
added 2026/03/06 7:16 p.m.2 views

DEBIAN-CVE-2026-29063

Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable via the mergeDeep, mergeDeepWith, merge, Map.toJS, and Map.toObject APIs. This issue has been patched in versions 3.8.3, 4.3.7, and 5.1.5...

9.8CVSS8.2AI score0.00978EPSS
Exploits1References1
Rows per page
Query Builder