Lucene search
+L

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13749

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57352

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00327EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:30 a.m.7 views

CVE-2023-5181

The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00402EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/09 3:26 p.m.12 views

CVE-2025-47638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through = 2.5.3...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.18 views

CVE-2025-47638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through = 2.5.3...

5.9CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.51 views

CVE-2025-47638

CVE-2025-47638 is a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WP Discord Invite . Affected versions are listed as up to 2.5.3 (n/a through 2.5.3). The primary sources describe this as an “Improper Neutralization of Input During Web Page Generation” XSS, affecting WP ...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.9 views

CVE-2025-47638 WordPress WP Discord Invite plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through = 2.5.3...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.24 views

CVE-2025-47638 WordPress WP Discord Invite plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through = 2.5.3...

5.9CVSS0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20200 · WordPress · Wp Discord Invite

Name of the Vulnerable Software and Affected Versions: WP Discord Invite versions n/a through 2.5.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

5.9CVSS6.2AI score0.00225EPSS
Exploits0References3
CVE
CVE
added 2024/01/17 2:31 p.m.57 views

CVE-2023-5006

CVE-2023-5006 (WP Discord Invite) : The WordPress plugin WP Discord Invite is vulnerable to a CSRF flaw in versions before 2.5.1, enabling an unauthenticated attacker to cause actions on behalf of an authenticated admin by tricking them into submitting crafted requests. Public details confirm the...

6.5CVSS6.4AI score0.00327EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 2:31 p.m.13 views

CVE-2023-5006 WP Discord Invite < 2.5.1 - Arbitrary Settings Update via CSRF

The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request...

7.1AI score0.00327EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.20 views

WordPress WP Discord Invite Plugin < 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Discord Invite Type Plugin Vulnerable versions 2.5.2 Fixed in 2.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5181 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 189ce186d624 Credits Bob Matyas Required...

4.8CVSS6AI score0.00402EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2023/11/06 9:15 p.m.28 views

CVE-2023-5181

The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.7AI score0.00402EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/11/06 8:41 p.m.6 views

CVE-2023-5181 WP Discord Invite < 2.5.2 - Admin+ Stored Cross Site Scripting

The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00402EPSS
Exploits2References1
CVE
CVE
added 2023/11/06 8:41 p.m.67 views

CVE-2023-5181

CVE-2023-5181 concerns the WordPress plugin WP Discord Invite prior to version 2.5.2, in which certain plugin settings are not properly sanitized or escaped. The underlying cause is insufficient sanitization/escaping of settings, which could allow a high-privilege user (e.g., an administrator) to...

4.8CVSS4.7AI score0.00402EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder