Lucene search
K

92 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48949

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00401EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48951

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48942

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00461EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48952

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00309EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49873

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00454EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-51671

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00301EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48940

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00957EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-34339

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00753EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/05/27 11:31 p.m.10 views

WordPress WP Extended plugin <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by rajanhoyr in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.15...

6.4CVSS5.5AI score0.00244EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.9 views

CVE-2024-8119

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

6.1CVSS6.4AI score0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.16 views

CVE-2024-8117

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘selectedoption’ parameter in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS6.4AI score0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:18 a.m.8 views

CVE-2024-8123

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.8 via the duplicatepost function due to missing validation on a user controlled key. This makes it possible for authenticated attackers...

5.4CVSS6.5AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/03 9:46 a.m.17 views

CVE-2025-30796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 3.0.14...

7.1CVSS7.2AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 6:15 a.m.14 views

CVE-2025-30796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 3.0.14...

7.1CVSS0.00293EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 5:31 a.m.7 views

CVE-2025-30796 WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 3.0.14...

7.1CVSS7.3AI score0.00293EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 5:31 a.m.47 views

CVE-2025-30796

CVE-2025-30796 in The Ultimate WordPress Toolkit – WP Extended (up to 3.0.14) is a reflected XSS vulnerability caused by improper neutralization of input during web page generation. The CVSS‑3.1 base score is 7.1 (HIGH) with NETWORK attack vector, LOW confidentiality/integrity/availability impact...

7.1CVSS7.2AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.5 views

WordPress plugin The Ultimate WordPress Toolkit – WP Extended 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPre...

7.1CVSS7.8AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.7 views

PT-2025-14047 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended versions n/a through 3.0.14 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS...

7.1CVSS9.4AI score0.00293EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/27 12:21 p.m.7 views

WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.14...

7.1CVSS6.1AI score0.00293EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/14 3:26 a.m.15 views

CVE-2024-13554

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the reorderroute function in all versions up to, and including, 3.0.13. This makes it possible for unauthenticated attackers to reorder pos...

5.3CVSS9.2AI score0.00301EPSS
Exploits0References1
Rows per page
Query Builder