Lucene search
K

7 matches found

Patchstack
Patchstack
added 2026/05/01 9:33 a.m.7 views

WordPress AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization plugin <= 2.9.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Add Expires Headers & Optimized Minify versions = 2.9.2...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/07 5:33 p.m.4 views

CVE-2025-54718

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Reflected XSS.This issue affects Yogi - Health Beauty & Yoga: from n/a through = 2.9.2...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.6 views

WordPress plugin Revolution Video Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.4AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.2 views

WordPress plugin WP w3all phpBB 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

7.1CVSS7.2AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2024/04/09 7:15 p.m.7 views

AZL-43177 CVE-2024-1984 affecting package graphene 1.10.4-3

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

5.3CVSS5.7AI score0.00523EPSS
Exploits0References1
OSV
OSV
added 2023/12/12 4:15 a.m.3 views

PYSEC-2023-281

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2...

8.8CVSS7.2AI score0.0093EPSS
Exploits1References6
CNVD
CNVD
added 2017/12/22 12:0 a.m.5 views

Piwigo Batch Manager Component SQL Injection Vulnerability

Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A SQL injection vulnerability exists in the Batch Manager component in Piwigo...

4.9CVSS8.2AI score0.01504EPSS
Exploits1References1
Rows per page
Query Builder