Lucene search
K

4 matches found

CVE
CVE
added 2026/01/07 9:20 a.m.23 views

CVE-2025-14144

CVE-2025-14144 affects Mstoic Shortcodes for WordPress. The vulnerability is a stored XSS via the start attribute of the ms_youtube_embeds shortcode, present in all versions up to and including 2.0, due to insufficient input sanitization and output escaping. Exploitation requires authentication a...

6.4CVSS4.8AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.6 views

PT-2024-39261 · WordPress · Wp Booking System – Booking Calendar

Name of the Vulnerable Software and Affected Versions: The WP Booking System – Booking Calendar plugin for WordPress versions up to, and including, 2.0.19.8 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg without appropriate...

6.1CVSS6.5AI score0.00475EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.5 views

PT-2023-6335 · Adobe · Substance3D - Stager

Name of the Vulnerable Software and Affected Versions: Adobe Substance 3D Stager versions 2.0.1 and earlier Description: The issue is related to a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...

7.8CVSS7.7AI score0.00379EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.6 views

多款 ZITADEL 产品 安全漏洞

ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the age of containers and serverless, open sourced by ZITADEL in Switzerland. ZITADEL suffers from a security vulnerability that stems from a lack of authorization checks, where Actions is abl...

8.8CVSS6.7AI score0.00788EPSS
Exploits0References5
Rows per page
Query Builder