Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.23 views

PT-2026-48276

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.6 views

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

8.1CVSS0.00512EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.6 views

@achinet/nestjs-async (>=0.1.0 <=0.2.0), @aligov/clark-core (>=3.0.0 <=3.0.1) +37 more potentially affected by unknown CVE via @asyncapi/generator-react-sdk (>=1.1.2 <=1.1.3)

@asyncapi/generator-react-sdk NPM version =1.1.2, =0.1.0, =3.0.0, =4.1.3, =0.24.0, =1.10.14, =0.2.0, =0.1.0, =1.0.0, =0.2.2, =1.3.3, =2.0.0, =0.16.0, =0.16.23 - @asyncapi/template-dart-websocket-client =0.0.1 - @asyncapi/template-java-websocket-quarkus =0.0.1 -...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:6 a.m.4 views

CVE-2023-34011

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in ShopConstruct plugin = 1.1.2 versions...

7.1CVSS5.2AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.6 views

WordPress plugin Better WP Login Page 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS7.5AI score0.004EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/18 12:0 a.m.15 views

WordPress Novo-Map : your WP posts on custom google maps Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Novo-Map : your WP posts on custom google maps Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46190 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d805e0cb863...

8.8CVSS6.6AI score0.00271EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/24 5:7 p.m.1 views

GHSA-XG77-XQHQ-CRPR Stored XSS vulnerability in Code Coverage API Plugin

Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view. This results in a stored cross-site scripting vulnerability that can be exploited by users able to change the job configuration. Code Coverage API Plugin 1.1.3 escapes the filename of...

5.4CVSS5.9AI score0.00735EPSS
Exploits0References5
Rows per page
Query Builder