Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.8 views

CVE-2024-2263

Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

4.8CVSS6.1AI score0.00402EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11797

Malware in sbrugna...

6.1CVSS6.3AI score0.00876EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43232

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0058EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17373

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51697

Malicious code in bioql PyPI...

4.7CVSS9.1AI score0.00805EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50767

Malicious code in bioql PyPI...

6.1CVSS9.1AI score0.00317EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-24080

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.01067EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27279

Malicious code in bioql PyPI...

6.1CVSS8.6AI score0.00409EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-49521

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00473EPSS
Exploits0References3
NVD
NVD
added 2025/08/01 6:15 a.m.7 views

CVE-2025-5921

The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both authenticated and unauthenticated users...

5.8CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/16 11:28 a.m.11 views

CVE-2025-47652 WordPress Infility Global plugin <= 2.13.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infility Infility Global infility-global allows Reflected XSS.This issue affects Infility Global: from n/a through = 2.13.4...

7.1CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 11:52 a.m.19 views

CVE-2025-27361

CVE-2025-27361 concerns the WordPress plugin “Photo Express for Google” (thhake) with versions

7.1CVSS5.9AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:45 a.m.9 views

CVE-2023-3118

The Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00471EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.6 views

CVE-2021-25006

The MOLIE WordPress plugin through 0.5 does not escape the courseid parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.2AI score0.0082EPSS
Exploits2References1
NVD
NVD
added 2025/05/15 8:16 p.m.20 views

CVE-2025-1303

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.1CVSS0.00525EPSS
Exploits1References1
CVE
CVE
added 2025/04/17 3:48 p.m.39 views

CVE-2025-27308

CVE-2025-27308 : WordPress WP Video Posts plugin is affected (versions up to 3.5.1) by a Reflected Cross-Site Scripting vulnerability caused by improper neutralization of input during web page generation. Public details consistently reference WP Video Posts in this CVE; exploitation status and fi...

7.1CVSS7.2AI score0.00257EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/17 3:47 p.m.14 views

CVE-2025-32651 WordPress SERPed.net Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in serpednet SERPed.net serped-net allows Reflected XSS.This issue affects SERPed.net: from n/a through = 4.6...

7.1CVSS0.00273EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/15 9:53 p.m.19 views

CVE-2025-22263 WordPress Global Gallery plugin <= 8.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Global Gallery allows Reflected XSS. This issue affects Global Gallery: from n/a through 8.8.0...

7.1CVSS0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:42 a.m.8 views

CVE-2025-32553 WordPress RestroPres Plugin <= 3.1.8.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Magnigenie RestroPress allows Reflected XSS. This issue affects RestroPress: from n/a through 3.1.8.4...

7.1CVSS7AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 6:15 a.m.8 views

CVE-2024-13876

The mEintopf WordPress plugin through 0.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS0.00255EPSS
Exploits1References1
Rows per page
Query Builder