Lucene search
K
VulnrichmentRecent

161662 matches found

Vulnrichment
Vulnrichment
added 2026/06/30 11:38 a.m.10 views

CVE-2026-41053 Over-inclusive team membership expansion in GitHub App authentication provider for Rancher

Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2...

8.8CVSS5.8AI score0.0037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:36 a.m.6 views

CVE-2026-8402 SQLi in Exagate's SYSGUARD 6001

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Blind SQL Injection. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.16.0. NOTE: The vendor was...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:20 a.m.7 views

CVE-2026-13766 DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers

DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype in its constructor but never quotechar, so SQL::Abstract emits identifiers verbatim. Caller-supplied identifiers orderby, where-claus...

5.8AI score0.0035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 11:20 a.m.7 views

CVE-2026-53692 Weak hashing algorithm in Redeight CMS

Redeight CMS version 1.0 uses the MD5 algorithm without a salt to store user passwords. Because MD5 is a cryptographically broken algorithm and lacks salting, attackers who obtain the password hashes can trivially reverse them using rainbow tables, leading to the exposure of plaintext credentials...

5.9CVSS5.8AI score0.00399EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:19 a.m.4 views

CVE-2026-53691 Remote Code Execution in Redeight CMS

An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of...

8.6CVSS6.1AI score0.00488EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:19 a.m.6 views

CVE-2026-53690 SQL Injection in Redeight CMS

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, which allows unauthenticated...

9.3CVSS6.2AI score0.00399EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:5 a.m.6 views

CVE-2026-57082 Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG

Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE Message Stream Encryption handshake derives its 160-bit Diffie-Hellman private key from Perl's rand, a non-cryptographic drand48-class generator seeded once per...

5.8AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:5 a.m.7 views

CVE-2026-57081 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input

Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...

6AI score0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:4 a.m.8 views

CVE-2026-57080 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix

Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix. The peer-wire framing in processmessages trusts the 4-byte length prefix sent by a connected peer with no upper bound, while receivedata appends every inbound byte to th...

5.9AI score0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:4 a.m.6 views

CVE-2026-57079 Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata

Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata. Net::BitTorrent validates file path components only on the .torrent-file ingest path. The peer and magnet metadata path onmetadatareceived, reached from the BEP...

5.8AI score0.00282EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 10:57 a.m.6 views

CVE-2026-14162 Advantech|Hospital Quering Management - Missing Authentication

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:55 a.m.7 views

CVE-2026-49434 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used...

5.7AI score0.00659EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:54 a.m.7 views

CVE-2026-49432 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

6AI score0.00844EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:53 a.m.7 views

CVE-2026-49877 Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console

Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/ paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from...

5.8AI score0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:53 a.m.9 views

CVE-2026-50734 Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

5.7AI score0.00796EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:53 a.m.7 views

CVE-2026-13316 Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:51 a.m.11 views

CVE-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

5.8AI score0.00707EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:50 a.m.6 views

CVE-2026-52760 Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a J...

5.7AI score0.00563EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:49 a.m.7 views

CVE-2026-53916 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...

5.9AI score0.00796EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:49 a.m.17 views

CVE-2026-53917 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message...

5.7AI score0.00796EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:48 a.m.6 views

CVE-2026-54475 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing...

5.7AI score0.00589EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:37 a.m.7 views

CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS5.8AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:31 a.m.6 views

CVE-2026-8141 Ajax Load More - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' Field

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomyincludechildren' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

7.2CVSS5.9AI score0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:31 a.m.16 views

CVE-2026-9711 EventON - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search Parameter

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress full is vulnerable to SQL Injection via the WordPress 'search' parameter in versions up to, and including, 5.0.11 due to insufficient escaping on the user supplied parameter and lack of preparation on the existing SQL quer...

9.8CVSS5.8AI score0.00438EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:10 a.m.7 views

CVE-2026-12076 SQL Injection in Raytha CMS

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 8:59 a.m.7 views

CVE-2025-7406 A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...

5.9AI score0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:58 a.m.8 views

CVE-2025-24816 An Improper Access Control vulnerability in Nokia MantaRay NM

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges...

5.8AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:55 a.m.7 views

CVE-2025-24815 An unrestricted file upload vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

5.8AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:54 a.m.7 views

CVE-2026-6954 Multiple vulnerabilities in Intermark IT's WebControl CMS

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

5.1CVSS5.9AI score0.00366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:53 a.m.7 views

CVE-2026-6953 Multiple vulnerabilities in Intermark IT's WebControl CMS

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTML code to a victim via the contact form. To exploit this vulnerability, the attacker must send a request using the 'nombreApellidos', 'dirección ', an...

5.1CVSS5.8AI score0.0036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:30 a.m.8 views

CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS5.7AI score0.00361EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 8:27 a.m.8 views

CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 8:5 a.m.7 views

CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 7:20 a.m.7 views

CVE-2026-12578 DTMSoft - Deserialization of Untrusted Data Vulnerability

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:52 a.m.7 views

CVE-2026-12240 Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field

The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize function in all versions up to, and including, 2.2.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

8CVSS6.5AI score0.00341EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 6:29 a.m.18 views

CVE-2026-14164 Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/30 6:28 a.m.7 views

CVE-2026-12819 DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability

Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:24 a.m.7 views

CVE-2026-12818 DVP-12SE Exposure of Sensitive Information Vulnerability

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...

9.3CVSS5.8AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:2 a.m.7 views

CVE-2026-56137

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed...

8.4CVSS7.2AI score0.00677EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 6:2 a.m.6 views

CVE-2026-56809

Multiple laser printers and MFPs multifunction printers which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses a crafted URL...

6.1CVSS6.4AI score0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.8 views

CVE-2026-56808

DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who can log in to the web management console of the affected product...

8.6CVSS7.3AI score0.0155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.20 views

CVE-2026-9576 Fluent Booking < 2.1.2 - Calendar Manager+ Sensitive Information Disclosure via Attendee Export

The Fluent Booking WordPress plugin before 2.1.2 does not verify ownership of the requested groupid before exporting attendee data via the export endpoint, allowing users with at least the Calendar Manager role to retrieve attendees' PII name, email, phone, address, payment information from...

5.8AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.8 views

CVE-2026-11581 Kali Forms < 2.4.13 - Contributor+ Stored XSS via Form Field Caption

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it as a column header on the administrator form-entries screen, allowing users with Contributor-level access or above to store JavaScript that executes i...

5.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.7 views

CVE-2026-11590 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated SQL Injection via filter[elements] Array Keys

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

5.8AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.6 views

CVE-2026-11589 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated users to upload files containing malicious JavaScript such as HTML or SVG to a publicly accessible location, leading to Stored Cross-Site Scripting attac...

5.6AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 5:34 a.m.8 views

CVE-2026-12073 ProfileGrid - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation via Email Overwrite

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.9.9.5. This is due to the plugin not validating a userlogin on registration forms that don't contain this parameter, and...

9.8CVSS5.8AI score0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.8 views

CVE-2026-11367 PixMagix <= 1.7.2 - Authenticated (Author+) Path Traversal in 'layers[].id' Parameter

The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the moveimageonserver function. This makes it possible for authenticated attackers, with author-level access and above, to write files with...

6.5CVSS5.9AI score0.00541EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.6 views

CVE-2026-12349 Premium Addons for KingComposer <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion via 'add_custom_sidebar' and 'remove_custom_sidebar' AJAX actions

The Premium Addons for KingComposer plugin for WordPress is vulnerable to unauthorized modification and loss of data in versions up to, and including, 1.1.1. This is due to missing authorization and capability checks on the addcustomsidebar and removecustomsidebar AJAX handlers, both of which are...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.7 views

CVE-2026-8944 Plugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' Parameter

The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the Google Analytics settings page ga.php. This makes it possible for unauthenticated...

4.3CVSS5.6AI score0.00102EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.6 views

CVE-2026-12560 Editorial Rating <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Link URL' Field

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.4CVSS5.9AI score0.0024EPSS
Exploits0References9
Total number of security vulnerabilities161662