Lucene search
K

358 matches found

Cvelist
Cvelist
added 2025/07/18 5:24 a.m.14 views

CVE-2025-5752 Vertical scroll image slideshow gallery <= 11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

The Vertical scroll image slideshow gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00218EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.9 views

WordPress plugin Vertical scroll image slideshow gallery cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.4AI score0.00218EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/07/17 8:52 a.m.3 views

Security update for MozillaFirefox, MozillaFirefox-branding-SLE

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...

8.8CVSS7.2AI score0.03057EPSS
Exploits1References28
OSV
OSV
added 2025/07/17 8:52 a.m.3 views

SUSE-SU-2025:02339-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: - Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...

9.8CVSS6.6AI score0.03057EPSS
Exploits1References15
Packet Storm News
Packet Storm News
added 2025/07/14 12:0 a.m.5 views

HASSLE: a Self-Supervised Learning Enhanced Hijacking Attack on Vertical Federated Learning

Vertical Federated Learning VFL enables an orchestrating active party to perform a machine learning task by cooperating with passive parties that provide additional task-related features for the same training data entities. While prior research has leveraged the privacy vulnerability of VFL to...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 p.m.17 views

CVE-2025-52727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuanticaLabs CSS3 Vertical Web Pricing Tables css3verticalwebpricingtables allows Reflected XSS.This issue affects CSS3 Vertical Web Pricing Tables: from n/a through = 1.9...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/27 11:52 a.m.6 views

CVE-2025-52727 WordPress CSS3 Vertical Web Pricing Tables plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuanticaLabs CSS3 Vertical Web Pricing Tables css3verticalwebpricingtables allows Reflected XSS.This issue affects CSS3 Vertical Web Pricing Tables: from n/a through = 1.9...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.15 views

CVE-2025-52727 WordPress CSS3 Vertical Web Pricing Tables plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuanticaLabs CSS3 Vertical Web Pricing Tables css3verticalwebpricingtables allows Reflected XSS.This issue affects CSS3 Vertical Web Pricing Tables: from n/a through = 1.9...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 11:52 a.m.18 views

CVE-2025-52727

Summary (CVE-2025-52727) : The WordPress plugin “CSS3 Vertical Web Pricing Tables” by QuanticaLabs is affected by a reflected XSS due to improper input neutralization during web page generation. The vulnerability affects versions n/a through 1.9 and is classified with CVSS v3.1: AV:N/AC:L/PR:N/UI...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.5 views

Autonomous 3D Moving Target Encirclement and Interception with Range Measurement

Commercial UAVs are an emerging security threat as they are capable of carrying hazardous payloads or disrupting air traffic. To counter UAVs, we introduce an autonomous 3D target encirclement and interception strategy. Unlike traditional ground-guided systems, this strategy employs autonomous...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/07 12:0 a.m.5 views

LADSG: Label-Anonymized Distillation and Similar Gradient Substitution for Label Privacy in Vertical Federated Learning

Vertical federated learning VFL has become a key paradigm for collaborative machine learning, enabling multiple parties to train models over distributed feature spaces while preserving data privacy. Despite security protocols that defend against external attacks - such as gradient masking and...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/01 12:0 a.m.4 views

IDCloak: a Practical Secure Multi-Party Dataset Join Framework for Vertical Privacy-Preserving Machine Learning

Vertical privacy-preserving machine learning vPPML enables multiple parties to train models on their vertically distributed datasets while keeping datasets private. In vPPML, it is critical to perform the secure dataset join, which aligns features corresponding to intersection IDs across datasets...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:14 a.m.6 views

CVE-2024-53756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aftab Husain Vertical Carousel vertical-carousel-slider allows Stored XSS.This issue affects Vertical Carousel: from n/a through = 1.0.2...

6.5CVSS7.2AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.10 views

CVE-2023-47671

Cross-Site Request Forgery CSRF vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0...

8.8CVSS8AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:16 a.m.7 views

CVE-2023-2289

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS5.6AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.6 views

CVE-2022-1171

The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.7AI score0.00773EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:17 a.m.8 views

CVE-2017-1000241

The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators...

8.1CVSS6.7AI score0.00697EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/04/30 12:0 a.m.5 views

Bilateral Differentially Private Vertical Federated Boosted Decision Trees

Federated learning is a distributed machine learning paradigm that enables collaborative training across multiple parties while ensuring data privacy. Gradient Boosting Decision Trees GBDT, such as XGBoost, have gained popularity due to their high performance and strong interpretability. Therefor...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/04/18 12:0 a.m.4 views

Tenable Network Security Nessus 安全漏洞

Tenable Network Security Nessus is a network vulnerability scanning tool developed by Tenable Network Security to detect security vulnerabilities and configuration errors in operating systems, network devices, and applications. Tenable Network Security Nessus contains a security vulnerability tha...

4.3CVSS7.5AI score0.00231EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.4 views

Leveraging Vertical Public-Private Split for Improved Synthetic Data Generation

Differentially Private Synthetic Data Generation DP-SDG is a key enabler of private and secure tabular-data sharing, producing artificial data that carries through the underlying statistical properties of the input data. This typically involves adding carefully calibrated statistical noise to...

6.7AI score
Exploits0
Rows per page
Query Builder