Lucene search
K

117 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:8 p.m.8 views

CVE-2018-6002

The Soundy Background Music plugin 3.9 and below for WordPress has Cross-Site Scripting via soundy-background-music\templates\front-end.php warsoundypreview parameter...

6.1CVSS6.6AI score0.0078EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11515

Malware in sbrugna...

5.4CVSS5.4AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.18 views

EUVD-2019-7789

Malware in sbrugna...

6.1CVSS6.3AI score0.00941EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-24893

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00815EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-24629

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00552EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-35080

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.02179EPSS
Exploits5References2
Patchstack
Patchstack
added 2025/08/07 11:51 a.m.8 views

WordPress Multimedia Playlist Slider Addon for WPBakery Page Builder Plugin <= 2.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Multimedia Playlist Slider Addon for WPBakery Page Builder versions = 2.1...

7.1CVSS3.9AI score0.00213EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/02 8:15 a.m.14 views

CVE-2025-8317

The Custom Word Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘angle’ parameter in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

6.4CVSS0.00218EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/31 10:0 p.m.8 views

WordPress The Plus Addons for Elementor Page Builder Lite plugin <= 6.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.3.10...

6.4CVSS5.2AI score0.00231EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/30 3:1 p.m.9 views

WordPress Integration for Contact Form 7 and Constant Contact Plugin plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Integration for Contact Form 7 and Constant Contact versions = 1.1.7...

5.9CVSS6AI score0.00216EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/28 12:40 p.m.6 views

WordPress Supermalink <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin Supermalink versions = 1.1...

6.5CVSS6AI score0.0019EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/25 9:53 p.m.6 views

WordPress Wonder Slider Lite plugin <= 14.4 - Authenticated (Contributor+) Dom-based Stored Cross-Site Scripting

Authenticated Contributor+ Dom-based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Wonder Slider Lite versions = 14.4...

6.4CVSS5.5AI score0.00274EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/23 9:45 p.m.5 views

WordPress WP Get The Table plugin <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Gilang in WordPress Plugin WP Get The Table versions = 1.5...

6.4CVSS5.5AI score0.00358EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/23 9:44 p.m.6 views

WordPress Get Youtube Subs plugin <= 3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via subscribe_link_att Function vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via subscribelinkatt Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Get Youtube Subs versions = 3.5...

6.4CVSS5.5AI score0.0038EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/23 9:31 p.m.7 views

WordPress Structured Content plugin <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_fs_local_business Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via scfslocalbusiness Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin Structured Content versions = 1.6.4...

6.4CVSS5.5AI score0.00393EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/22 10:19 p.m.6 views

WordPress Fleetwire Fleet Management Plugin plugin <= 1.0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via fleetwire_list Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via fleetwirelist Shortcode vulnerability discovered by Gilang in WordPress Plugin Fleetwire Fleet Management versions = 1.0.19...

6.4CVSS5.5AI score0.00228EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/21 10:1 p.m.7 views

WordPress User Registration plugin <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via urcrrestrict Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin User Registration versions = 4.2.4...

6.4CVSS5.5AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/21 9:59 p.m.6 views

WordPress Ebook Store plugin <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Order Details vulnerability discovered by Bee in WordPress Plugin Ebook Store versions = 5.8012...

4.4CVSS5.5AI score0.0022EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/21 1:45 a.m.7 views

WordPress ThemeREX Addons plugin <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via trxaddonsgetsvgfromfile Function vulnerability discovered by stealthcopter in WordPress Plugin ThemeREX Addons versions = 2.35.1.1...

6.4CVSS5.5AI score0.00205EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/21 1:41 a.m.7 views

WordPress Temporarily Hidden Content plugin <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Temporarily Hidden Content versions = 1.0.6...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder