Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.24 views

Pretty Link Lite <= 1.6.2 - XSS in SWF

The Pretty Links – Link Management, Branding, Tracking & Sharing Plugin WordPress plugin was affected by a XSS in SWF security vulnerability...

4.3CVSS5.7AI score0.06314EPSS
Exploits3References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.24 views

Contextual Related Posts < 1.8.7 - Cross-Site Request Forgery

The Contextual Related Posts WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability, which could lead to Cross-Site Scripting issues...

6.8CVSS1.8AI score0.01052EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.24 views

Count Per Day <= 3.2.3 - notes.php note Parameter XSS

The Count per Day WordPress plugin was affected by a notes.php note Parameter XSS security vulnerability...

4.3CVSS2.4AI score0.00913EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2013/08/05 12:0 a.m.24 views

Chat <= 1.0.8 - Cross-Site Scripting (XSS) in 'message' Parameter

The chat WordPress plugin was affected by a Cross-Site Scripting XSS in 'message' Parameter security vulnerability...

1.9AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2013/07/23 12:0 a.m.24 views

Download Monitor < 3.3.6.2 - Multiple XSS

The Download Monitor WordPress plugin was affected by a Multiple XSS security vulnerability...

4.3CVSS2AI score0.02075EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2013/03/24 12:0 a.m.24 views

Backupbuddy - importbuddy.php Restore Operation Persistence Weakness

The backupbuddy WordPress plugin was affected by an importbuddy.php Restore Operation Persistence Weakness security vulnerability...

7.5CVSS3.7AI score0.0243EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2012/10/21 12:0 a.m.24 views

White Label CMS - Cross-Site Request Forgery

The White Label CMS WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability...

6.8CVSS2.7AI score0.039EPSS
Exploits7Affected Software1
WPVulnDB
WPVulnDB
added 2012/04/18 12:0 a.m.24 views

Zingiri Web Shop < 2.4.0 - Multiple Unspecified Issues

The zingiri-web-shop WordPress plugin was affected by a Multiple Unspecified Issues security vulnerability...

10CVSS2.6AI score0.02607EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2011/10/06 12:0 a.m.24 views

WP Postratings < 1.62 - Authenticated SQL Injection

The WP-PostRatings WordPress plugin was affected by a SQL Injection security vulnerability allowing authenticated users author+ to execute SQL commands via the id attribute of the ratings shortcode when creating a post...

6CVSS5.4AI score0.01631EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/07/16 12:0 a.m.23 views

Ultimate Addons for WPBakery Page Builder < 3.19.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimateinfotable shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS5.8AI score0.00297EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/14 12:0 a.m.23 views

Newspaper < 12.6.6 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

Description The Newspaper theme for WordPress is vulnerable to Stored Cross-Site Scripting via attachment meta in the archive page in all versions up to, and including, 12.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.5CVSS4.9AI score0.00279EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/29 12:0 a.m.23 views

Tainacan < 0.21.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Tainacan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.21.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS5.7AI score0.00263EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/22 12:0 a.m.23 views

Oxygen Builder < 4.8.3 - Authenticated (Contributor+) Remote Code Execution

Description The Oxygen Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.8.2 via post metadata. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for lower privileged users,...

8.8CVSS8.1AI score0.0085EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/21 12:0 a.m.23 views

Contact Form Plugin by Fluent Forms < 5.1.14 - Subscriber+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via form settings due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with access to the Fluent Forms settings, to inject arbitrary web scripts in pages that will execut...

9.8CVSS5.5AI score0.02333EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/21 12:0 a.m.23 views

Contact Form Plugin by Fluent Forms < 5.1.17 - Contributor+ Stored XSS

Description The plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, and access granted by an...

7.2CVSS5.8AI score0.00387EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/16 12:0 a.m.23 views

AI Engine: ChatGPT Chatbot < 2.2.70 - Authenticated (Editor+) Arbitrary File Upload

Description The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.2.63. This makes it possible for authenticated attackers, with Editor-level access and above, to upload arbitrary files on the affecte...

9.1CVSS8AI score0.00824EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/16 12:0 a.m.23 views

Table Maker <= 1.9.1 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Table Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject...

5.9CVSS5.9AI score0.00338EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/14 12:0 a.m.23 views

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection

Description The plugin lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page. PoC 1 Create a new post 2 Add and e-Learning block and upload a zip file 3 Select the "Insert As: Iframe" option 4 Intercept the...

5.4CVSS6.6AI score0.00202EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.23 views

LearnPress – WordPress LMS Plugin < 4.2.6.6 - Authenticated (Instructor+) Arbitrary File Upload

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepostmaterials' function in versions up to, and including, 4.2.6.5. This makes it possible for authenticated attackers, with Instructor-lev...

8.8CVSS7.9AI score0.01025EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.23 views

Porto < 7.1.1 - Unauthenticated Local File Inclusion via porto_ajax_posts

Description The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'portoajaxposts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any P...

9.8CVSS8.1AI score0.02687EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.23 views

WholesaleX – WooCommerce Wholesale Plugin (Wholesale Prices, Dynamic Pricing, Tiered Pricing) < 1.3.3 - Unauthenticated PHP Object Injection

Description The WholesaleX – WooCommerce Wholesale Plugin Wholesale Prices, Dynamic Pricing, Tiered Pricing plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.2 via deserialization of untrusted input. This makes it possible for unauthenticated...

10CVSS7.4AI score0.00725EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.23 views

Exclusive Addons Elementor < 2.6.9.2 - Missing Authorization to Post Duplication

Description The Exclusive Addons Elementor plugin for WordPress is vulnerable to unauthorized access of datadue to an insufficient capability check on the duplicatepost function in versions up to, and including, 2.6.9.1. This makes it possible for authenticated attackers, with contributor-level...

9.8CVSS6.2AI score0.00422EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.23 views

WTI Like Post <= 1.4.6 - IP Spoofing

Description The WTI Like Post plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.4.6 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated...

5.3CVSS6.6AI score0.00414EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.23 views

WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Authenticated (Subscriber+) Privilege Escalation

Description The WooCommerce Amazon Affiliates - Wordpress Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 14.0.10. This makes it possible for authenticated attackers, with subscriber-level access and above, to elevate their privileges...

8.8CVSS7.1AI score0.00512EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.23 views

Barcode Scanner with Inventory & Order Manager < 1.5.4 - Missing Authorization

Description The Barcode Scanner with Inventory & Order Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.5.3. This makes it possible for unauthenticated attackers to perform an unauthorized action...

9.1CVSS7AI score0.00413EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.23 views

Knowledge Base documentation & wiki plugin – BasePress < 2.16.2.1 - Missing Authorization

Description The Knowledge Base documentation & wiki plugin – BasePress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in versions up to, and including, 2.16.1. This makes it possible for authenticated attackers, with...

5.4CVSS5.2AI score0.0039EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/29 12:0 a.m.23 views

All in One SEO < 4.6.1.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its Post fields before outputting them back, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a contributor, create a post and put the following payload in the "Meta...

5.2AI score0.00369EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/29 12:0 a.m.23 views

Subway – Private Site Option <= 2.1.4 - Improper Access Control to Sensitive Information Exposure via REST API

Description The Subway – Private Site Option plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's private site feature and view restricted page...

5.3CVSS6.8AI score0.00448EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/25 12:0 a.m.23 views

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX < 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.5CVSS7.8AI score0.00323EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/25 12:0 a.m.23 views

HUSKY – Products Filter for WooCommerce (formerly WOOF) < 1.3.5.3 - Subscriber+ Remote Code Execution

Description The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute code on the server...

8.8CVSS9.6AI score0.00699EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/23 12:0 a.m.23 views

Theme My Login < 7.1.7 - Missing Authorization to Notice Dismissal

Description The Theme My Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tmladminajaxdismissnotice function in all versions up to, and including, 7.1.6. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS4.4AI score0.00337EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/12 12:0 a.m.23 views

Meta Slider < 3.70.1 - Contributor+ Stored Cross-Site Scripting via metaslider Shortcode

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00343EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/11 12:0 a.m.23 views

RapidLoad Power-Up for Autoptimize < 2.2.12 - Unauthenticated Server-Side Request Forgery

Description The RapidLoad 2.2 – Speed Monster in One Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...

7.2CVSS6.7AI score0.00369EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/11 12:0 a.m.23 views

Modal Window < 5.3.10 - Modal Deletion via CSRF

Description The plugin does not have CSRF check in place when bulk deleting modals, which could allow attackers to make a logged in admin delete them via a CSRF attack PoC Have a logged in admin open an HTML file containing where ID is an existing modal: action...

6.3AI score0.00204EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/08 12:0 a.m.23 views

WordPress Gallery Plugin – NextGEN Gallery < 3.59.1 - Missing Authorization to Unauthenticated Information Disclosure

Description The WordPress Gallery Plugin – NextGEN Gallery plugin is vulnerable to unauthorized access of data due to a missing capability check on the getitem function. This makes it possible for unauthenticated attackers to extract sensitive data including EXIF and other metadata of any image...

5.3CVSS6.6AI score0.38023EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/04 12:0 a.m.23 views

ProfileGrid < 5.7.9 - Authenticated (Subscriber+) SQL Injection

Description The ProfileGrid plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.7.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, wit...

8.8CVSS7.3AI score0.32049EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/04 12:0 a.m.23 views

WP-CRM System < 3.2.9.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The WordPress CRM Plugin – WP-CRM System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

5.9CVSS5.7AI score0.00359EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/04 12:0 a.m.23 views

Finale Lite < 2.18.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation

Description The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 2.18.0. This makes it possible for authenticated attackers, with...

8.8CVSS6.5AI score0.01038EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/04 12:0 a.m.23 views

LearnPress < 4.2.6.4 - Authenticated(LP Instructor+) Stored Cross-Site Scripting

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Course, Lesson, and Quiz title and content in all versions up to, and including, 4.2.6.3 due to insufficient input sanitization and output escaping. This makes it possible f...

4.8CVSS5.7AI score0.00426EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/03 12:0 a.m.23 views

Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) < 3.2.10 - Sensitive Information Exposure

Description The Easy Digital Downloads – Sell Digital Files & Subscriptions eCommerce Store + Payments Made Easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attackers to download the...

5.3CVSS7AI score0.00603EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/03 12:0 a.m.23 views

WP Hotel Booking < 2.0.9.3 - Improper Authorization on Multiple REST API Routes

Description The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to an improper capability check on the 'pricingplans', 'blockdate', 'managerbookings', and 'updatefieldroom' functions for the 'pricing-plans', 'block-date',...

6.6AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/03 12:0 a.m.23 views

YITH WooCommerce Account Funds Premium < 1.34.0 - Missing Authorization

Description The YITH WooCommerce Account Funds Premium plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.33.0. This makes it possible for authenticated attackers, with customer-level access and above, ...

8.8CVSS6.4AI score0.00384EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/02 12:0 a.m.23 views

Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Settings Save as Image"...

5.4AI score0.00266EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/01 12:0 a.m.23 views

ReviewX < 1.6.23 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The ReviewX plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS5.8AI score0.00357EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/29 12:0 a.m.23 views

HUSKY < 1.3.5.3 - Admin+ Local File Inclusion

Description The plugin is vulnerable to Local File Inclusion via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This c...

7.2CVSS7.7AI score0.00761EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/29 12:0 a.m.23 views

Ultimate Addons for Beaver Builder – Lite < 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget

Description The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00343EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.23 views

WP Go Maps < 9.0.35 - Information Exposure to Potential Denial of Service

Description The plugin is vulnerable to unauthenticated API key disclosure due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's Google API key. While this does not affect the security of sites using this plugi...

6.5CVSS6.6AI score0.00795EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.23 views

BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg < 3.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.2 due to insufficient inp...

6.4CVSS5.6AI score0.00353EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/22 12:0 a.m.23 views

MJM Clinic < 1.1.23 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The MJM Clinic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.9CVSS5.7AI score0.00339EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/22 12:0 a.m.23 views

Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder < 1.15.23 - Sensitive Information Exposure

Description The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extrac...

7.5CVSS6.4AI score0.00699EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities5000