Lucene search
K

2022 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Livemesh SiteOrigin Widgets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.11 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2026:2039-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2039-1 advisory. This update for MozillaFirefox fixes the following issue Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-48 bsc1265212 -...

9.8CVSS6AI score0.00605EPSS
Exploits0References42
Snyk
Snyk
added 2026/05/25 7:9 a.m.10 views

Malicious Package

Overview uipath-ui-widgets is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/05/22 9:16 a.m.18 views

CVE-2026-7615

The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing or incorrect nonce validation on the savewidgetcontextsettings function. This makes it possible for unauthenticated attackers to modify widget...

4.3CVSS0.00168EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.8 views

@binarysee/widgets (=1.0.5), @binlove/widgets (=1.0.5) potentially affected by unknown CVE via @antv/s2-react (=2.0.0-next.28)

@antv/s2-react NPM version =2.0.0-next.28 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/s2-react and may be impacted: - @binarysee/widgets =1.0.5 - @binlove/widgets =1.0.5 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVS2REACT-16754376...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.4 views

@antv/dipper-widgets (=0.2.1) potentially affected by unknown CVE via @antv/dipper-hooks (=0.2.1)

@antv/dipper-hooks NPM version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dipper-hooks and may be impacted: - @antv/dipper-widgets =0.2.1 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDIPPERHOOKS-16754471...

5.5AI score
Exploits0
NVD
NVD
added 2026/05/16 4:16 p.m.9 views

CVE-2021-47972

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/16 3:26 p.m.12 views

CVE-2021-47972

The CVE-2021-47972 entry affects Sticky Notes & Color Widgets 1.4.2 and describes a denial-of-service: attackers can crash the application by pasting excessively long character strings into note fields, causing crashes and unresponsiveness. The connected documents confirm the affected product/ver...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/16 3:26 p.m.11 views

EUVD-2021-34827

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/16 3:26 p.m.12 views

CVE-2021-47972 Sticky Notes & Color Widgets 1.4.2 Denial of Service

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/16 3:26 p.m.41 views

CVE-2021-47972 Sticky Notes & Color Widgets 1.4.2 Denial of Service

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS0.00284EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.9 views

CVE-2021-47972

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.13 views

PT-2026-41458

Name of the Vulnerable Software and Affected Versions Sticky Notes & Color Widgets version 1.4.2 Description A denial of service issue allows attackers to crash the application by creating notes with excessively long character strings. By pasting large payloads of repeated characters into note...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.9 views

WordPress plugin Sticky Notes Color Widgets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.13 views

Zabbix 6.0.x < 6.0.45 / 7.0.x < 7.0.24 / 7.4.x < 7.4.8 XSS (ZBX-27760)

The version of Zabbix Server installed on the remote host is prior to 6.0.45, 7.0.24, 7.4.8. It is, therefore, affected by a stored cross-site scripting XSS vulnerability. The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML displ...

7.3CVSS5.8AI score0.00285EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 6:44 a.m.65 views

CVE-2026-5193 Essential Addons for Elementor – Popular Elementor Templates & Widgets <= 6.5.13 - Authenticated (Author+) Limited Privilege Escalation via register_user

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insufficient role validation in the 'registeruser' function, which only blocks the 'administrator' rol...

6.5CVSS0.00238EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:29 p.m.7 views

CVE-2026-3426

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/13 12:29 p.m.8 views

EUVD-2026-29938

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

WordPress plugin RTMKit Addons for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40595

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the save widget and reset all widgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References6
Rows per page
Query Builder