Lucene search
K

54 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-57786

Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Authentication Bypass.This issue affects WorkScout-Core: from n/a through = 1.7.08...

8.8CVSS0.00164EPSS
Exploits0References1
CVE
CVE
added 2 days ago13 views

CVE-2026-57786

CVE-2026-57786 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WorkScout-Core (purethemes WorkScout-Core) that allows authentication bypass. Affected versions are WorkScout-Core up to and including 1.7.08. The connected sources (NVD and CVE records) confirm the...

8.8CVSS6.1AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-57786 WordPress WorkScout-Core plugin <= 1.7.08 - Cross Site Request Forgery (CSRF) to Broken Authentication vulnerability

Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Authentication Bypass.This issue affects WorkScout-Core: from n/a through = 1.7.08...

8.8CVSS0.00164EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 1:30 p.m.6 views

WordPress WorkScout-Core plugin <= 1.7.08 - Cross Site Request Forgery (CSRF) to Broken Authentication vulnerability

Cross Site Request Forgery CSRF to Broken Authentication vulnerability discovered by Phat RiO in WordPress Plugin WorkScout-Core versions = 1.7.08...

8.8CVSS5.9AI score0.00164EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 2:17 p.m.13 views

CVE-2026-52716

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS0.00351EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 12:47 p.m.9 views

EUVD-2026-37700

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS5.2AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 12:47 p.m.29 views

CVE-2026-52716 WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.4 views

CVE-2025-67959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.4 views

CVE-2025-67960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.2 views

CVE-2025-67960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...

7.1CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.7 views

CVE-2025-67959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

7.1CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67959 WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

5.9AI score0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.3 views

CVE-2025-67960 WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...

5.9AI score0.0023EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.7 views

CVE-2025-67959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

7.1CVSS5.3AI score0.0023EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.4 views

CVE-2025-67960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...

7.1CVSS5.3AI score0.0023EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 4:51 p.m.10 views

CVE-2025-67960

CVE-2025-67960 describes a Reflected XSS in the WordPress plugin WorkScout-Core (purethemes WorkScout-Core) affecting versions up to 1.7.06. The issue is caused by improper neutralization of input during web page generation (cross-site scripting). The connected Wordfence details confirm this CVE ...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.17 views

CVE-2025-67959

CVE-2025-67959 is a Reflected XSS in the WordPress WorkScout theme (versions up to 4.1.07). The vulnerability stems from improper input handling during web page generation. CVSS: 3.1 base 7.1 (HIGH), network access, no privileges, user interaction required; exploitation context is reflected XSS. ...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.24 views

CVE-2025-67959 WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

7.1CVSS0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.18 views

CVE-2025-67960 WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...

7.1CVSS0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

WordPress plugin WorkScout-Core has cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.0023EPSS
Exploits0References1
Rows per page
Query Builder