Lucene search

4 matches found

Vulnrichment
added 2026/05/04 5:44 p.m., 5 views

CVE-2026-41572 Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note I...

CVSS 5.3, AI score 5.7, EPSS 0.00194
Exploits: 0, References: 2
Positive Technologies
added 2026/03/05 12:0 a.m., 7 views

PT-2026-23147

Name of the Vulnerable Software and Affected Versions: Theater for WordPress versions prior to 0.19. Description: The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks...

AI score 5.8, EPSS 0.00211
Exploits: 0, References: 3
Vulnrichment
added 2026/01/06 4:36 p.m., 5 views

CVE-2025-69331 WordPress Theater for WordPress plugin <= 0.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Theater for WordPress: from n/a through <= 0.19...

AI score 6.6, EPSS 0.00152
Exploits: 0, References: 1
RedhatCVE
added 2025/03/22 12:26 p.m., 10 views

CVE-2024-12215

In kedro-org/kedro version 0.19.8, the pull_package() API function allows users to download and extract micro packages from the Internet. However, the function project_wheel_metadata() within the code path can execute the setup.py file inside the tar file, leading to remote code execution (RCE) by running...

CVSS 8.8, AI score 8.3, EPSS 0.00986
Exploits: 0, References: 1