Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.21 views

PT-2026-37350

The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up to, and including, 1.2.7. This is due to insufficient input sanitization and output escaping on user-supplied attributes in the 'slicewp...

6.4CVSS6AI score0.00152EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.14 views

WordPress plugin Affiliate Program Suite — SliceWP Affiliates 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension that can ...

6.4CVSS5.8AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/11 1:21 a.m.10 views

CVE-2026-39362

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREEDOWNLOADFROMURL is enabled opt-in, authenticated users can supply remoteimage URLs that are fetched server-side via requests.get with only Django's URLValidator check. There is no validation against...

7.1CVSS5.8AI score0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.2 views

CVE-2026-32487

Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Landing Page: from n/a through = 1.2.7...

5.8AI score0.0018EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.4 views

CVE-2024-10532

The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

4.3CVSS5.1AI score0.00535EPSS
Exploits0References1
Rows per page
Query Builder