Privilege escalation in Microsoft Exchange Server 2016 (and Subscription Edition per vendor tagging) allows an authenticated attacker on the network to elevate privileges through improper input validation (CWE-20). The flaw carries a CVSS 7.5 score with high impact to confidentiality, integrity, and availability, though attack complexity is rated High. No public exploit identified at time of analysis.
JIT compiler miscompilation in Mozilla Firefox and Thunderbird's JavaScript engine enables remote attackers to achieve limited confidentiality, integrity, and availability impact without authentication or user interaction. Affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird ESR < 140.6. Vendor-released patches available in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6. No public exploit identified at time of analysis, with EPSS score of 0.11% (30th percentile) indicating low predicted exploitation probability.
Memory corruption vulnerabilities in Mozilla Firefox 145 and Thunderbird 145 enable remote code execution via multiple memory safety bugs. Unauthenticated remote attackers can exploit these flaws (CWE-787 buffer overflow) through network-based attack vectors with low complexity, requiring no user interaction. Mozilla has released patches in Firefox 146 and Thunderbird 146. EPSS score of 0.07% (21st percentile) suggests low observed exploitation probability, and no public exploit identified at time of analysis, though the vendor's assessment indicates memory corruption with exploitable potential.
A critical remote code execution vulnerability exists in CSLA .NET framework versions 5.5.4 and below due to insecure deserialization when using WcfProxy with the obsolete NetDataContractSerializer. This vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected systems without user interaction, potentially leading to complete system compromise. While no active exploitation has been reported in CISA KEV and no public POC is mentioned, the vulnerability's network-exposed nature and low attack complexity make it a high-priority security concern.
Authenticated OS command injection in Fortinet FortiSandbox (versions 5.0.0-5.0.2, 4.4.0-4.4.7, all 4.2.x, all 4.0.x) and FortiSandbox Cloud (24.1 and all 23.x) allows a high-privileged remote attacker to execute arbitrary commands by sending crafted HTTP/HTTPS requests to the management interface. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV, but the breadth of affected major versions and the network-reachable attack surface make this a notable post-authentication risk for security appliance operators.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Portfolio Post themify-portfolio-post allows Stored XSS.This issue affects Themify Portfolio Post: from n/a through <= 1.3.0.
Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7.
Cross-Site Request Forgery in WordPress New User Approve plugin (versions ≤3.2.3) enables unauthenticated remote attackers to trick authenticated administrators into executing unauthorized actions via crafted requests. With EPSS probability of 0.02% (5th percentile) and no evidence of active exploitation (not in CISA KEV), this represents a moderate real-world risk despite a CVSS 7.1 score. The vulnerability requires user interaction (UI:R) but no attacker privileges (PR:N), making it viable through social engineering tactics like phishing emails containing malicious links.
Cross-site request forgery (CSRF) in Create Posts & Terms WordPress plugin through version 1.3.1 enables attackers to inject malicious scripts that persist in the application database. Exploitation requires tricking an authenticated administrator into visiting a malicious page while logged into WordPress. The vulnerability chains CSRF with stored XSS, allowing attackers to execute arbitrary JavaScript in victims' browsers across sessions with potential for privilege escalation, data theft, and site compromise. EPSS score and exploitation data not available, but Patchstack database listing indicates security researcher disclosure.
Deserialization of untrusted data in WP Maps WordPress plugin versions up to 4.8.6 allows high-privileged authenticated users to inject and instantiate arbitrary PHP objects, potentially leading to code execution or privilege escalation. While the CVSS score of 6.5 reflects high confidentiality and integrity impact, the requirement for administrator-level privileges (PR:H) and user interaction (UI:R) significantly constrains real-world exploitability. EPSS score of 0.04% indicates minimal observed exploitation likelihood despite the vulnerability's technical severity.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lester Chan WP-ShowHide wp-showhide allows Stored XSS.This issue affects WP-ShowHide: from n/a through <= 1.05.
Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1.
DOM-based cross-site scripting (XSS) in muffingroup Betheme WordPress theme versions up to 28.2 allows authenticated attackers with low privileges to inject malicious scripts that execute in the context of other users' browsers. The vulnerability requires user interaction (UI:R) and affects the confidentiality, integrity, and availability of affected installations; EPSS exploitation probability is low at 0.04%, and no public exploit code or active exploitation has been confirmed.
DOM-based cross-site scripting in Dream-Theme The7 WordPress theme versions before 12.9.0 allows authenticated users to inject malicious scripts that execute in the context of other users' browsers via improperly sanitized input during web page generation. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting real-world exploitability despite a moderate CVSS score of 6.5. EPSS exploitation probability is low at 0.04th percentile, and no public exploit code or active exploitation has been reported.
Stored cross-site scripting (XSS) in Master Addons for Elementor through version 2.0.9.9.4 allows authenticated users with limited privileges to inject malicious scripts that execute in the browsers of other site visitors, potentially compromising administrator accounts or stealing sensitive data. The vulnerability requires user interaction (UI:R) and affects the plugin's input sanitization during web page generation. With an EPSS score of 0.04% and no confirmed active exploitation, this represents a lower real-world risk despite the moderate CVSS base score of 6.5.
Stored cross-site scripting (XSS) in SimpLy Gallery WordPress plugin (versions up to 3.3.2.1) allows authenticated users with low privileges to inject malicious scripts that execute in the browsers of other site visitors, potentially leading to session hijacking, credential theft, or site defacement. The vulnerability requires user interaction (UI:R) and affects confidentiality, integrity, and availability. No public exploit code or active exploitation has been confirmed; EPSS score of 0.04% indicates low real-world exploitation probability despite the moderate CVSS rating.
Stored cross-site scripting (XSS) in Generic Elements for Elementor plugin versions 1.2.9 and earlier allows authenticated users with limited privileges to inject malicious scripts that execute in the context of other users' browsers, potentially leading to session hijacking, credential theft, or malware distribution. The vulnerability requires user interaction (clicking a malicious link) and affects WordPress installations using this plugin. EPSS exploitation probability is low at 0.04%, and no public exploit code or active exploitation has been identified.
Same-origin policy bypass in Firefox and Thunderbird request handling allows unauthenticated remote attackers to access sensitive information from cross-origin resources with low attack complexity and no user interaction required. The vulnerability affects Firefox versions below 146, Firefox ESR below 115.31 and 140.6, Thunderbird below 146, and Thunderbird ESR below 140.6. No public exploit code has been identified at time of analysis, and the EPSS score of 0.04% indicates low real-world exploitation probability despite the moderate CVSS rating.
DOM-based cross-site scripting in WordPress plugin WP Ultimate Review versions ≤2.3.7 allows remote attackers to execute malicious JavaScript in victims' browsers via crafted input that is improperly sanitized during client-side page rendering. The vulnerability requires user interaction (CVSS UI:R) but no authentication (PR:N), enabling attacks via social engineering or malicious links. Exploitation probability is low (EPSS 0.04%, 14th percentile), with no public exploit identified at time of analysis and no confirmed active exploitation (not in CISA KEV).
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through <= 4.80.
Stored cross-site scripting (XSS) in Porto Theme - Functionality plugin for WordPress allows authenticated users with low privileges to inject malicious scripts into web pages that execute in the browsers of other site visitors. The vulnerability affects Porto Theme - Functionality versions below 3.7.3 and has a low exploitation probability (EPSS 0.01%), but requires user interaction and authenticated access to exploit, limiting immediate risk to well-managed WordPress installations with access controls.
DOM-Based Cross-Site Scripting (XSS) in KALLYAS WordPress theme versions below 4.25.0 allows authenticated users with low privileges to inject malicious scripts that execute in the browsers of other users, potentially stealing session cookies, credentials, or performing unauthorized actions on their behalf. The vulnerability requires user interaction (clicking a malicious link) and affects the theme's web page generation routines. EPSS probability is 0.01% (very low), suggesting minimal real-world exploitation likelihood despite the moderate CVSS score of 6.5.
Stored or reflected cross-site scripting in phpIPAM v1.7.3 enables remote unauthenticated attackers to inject malicious JavaScript into the Request IP form via the `instructions` parameter, which is subsequently rendered in the admin-facing `/app/admin/instructions/edit-result.php` endpoint. When an authenticated administrator views the affected page, the injected script executes in their browser session, potentially enabling session token theft, credential harvesting, or unauthorized administrative actions. No public exploit identified at time of analysis, though a technical disclosure post exists at glitch0ne.com; EPSS of 0.22% at the 13th percentile confirms low opportunistic exploitation pressure.
Stored cross-site scripting (XSS) in @tiptap/extension-link before version 2.10.4 allows attackers to execute arbitrary JavaScript by injecting javascript: URL payloads into link attributes during link creation or modification. The vulnerability requires user interaction to trigger the payload and impacts the integrity of affected web applications. Publicly available exploit code exists, and a vendor-released patch is available in version 2.10.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Stored XSS.This issue affects WP eBay Product Feeds: from n/a through <= 3.4.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through <= 1.1.7.2.
Stored XSS in Make Section & Column Clickable For Elementor WordPress plugin (versions through 2.4) allows authenticated users with high privileges to inject malicious scripts that execute in other users' browsers. The vulnerability requires user interaction (UI:R) and affects site confidentiality, integrity, and availability with limited scope. EPSS score of 0.04% indicates low exploitation probability despite the presence of a public vulnerability disclosure.
DOM-based cross-site scripting (XSS) in ThimPress WP Hotel Booking plugin versions up to 2.2.8 allows authenticated users with high privileges to inject malicious scripts that execute in the context of other users' browsers. The vulnerability requires user interaction (UI:R) and high administrator privileges (PR:H), limiting its real-world impact despite a moderate CVSS score of 5.9. EPSS exploitation probability is very low at 0.04%, indicating minimal practical attack likelihood.
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.3.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0.
Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1.
Missing Authorization vulnerability in tychesoftwares Order Delivery Date for WooCommerce order-delivery-date-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Delivery Date for WooCommerce: from n/a through <= 4.3.1.
Missing Authorization vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5.5.
Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through <= 2.9.0.
Missing authorization in themezaa Litho Addons for WordPress (versions through 3.5) allows authenticated users to bypass access controls and gain unauthorized read/write access to sensitive data. The vulnerability stems from incorrectly configured access control security levels that fail to properly validate user permissions before exposing functionality. With an EPSS score of 0.04% and CVSS 5.4, exploitation requires valid authentication but no advanced attack complexity; this represents a moderate privilege escalation risk for multi-user WordPress installations.
Missing authorization in Яндекс Доставка (Boxberry) WordPress plugin version 2.34 and earlier allows authenticated users to access or modify resources they should not be permitted to via incorrectly configured access control. An attacker with valid credentials can exploit broken access control mechanisms to view or modify sensitive data without proper privilege validation, though the CVSS 5.4 score reflects limited direct impact (confidentiality and integrity), and the 0.04% EPSS score indicates low real-world exploitation probability.
Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through <= 2.0.3.
Reflected XSS in Talent Software's e-BAP Automation platform (versions before build 42957) allows unauthenticated remote attackers to inject and execute malicious scripts in a victim's browser by tricking them into clicking a crafted URL. The CVSS vector (PR:N/UI:R) confirms no attacker authentication is needed, but successful exploitation depends on social-engineering a valid application user. No active exploitation has been confirmed (not in CISA KEV) and EPSS sits at 0.02% (7th percentile), indicating low near-term exploitation probability.
Reflected cross-site scripting in Talent Software UNIS allows unauthenticated remote attackers to inject and execute malicious JavaScript in a victim's browser session. All UNIS versions prior to build 42957 are affected, as disclosed by Turkey's national CERT (USOM). No public exploit code or active exploitation has been identified at time of analysis, and the EPSS score of 0.02% (7th percentile) indicates very low observed exploitation probability.
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through <= 4.13.1.
Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Interest Slider: from n/a through <= 3.1.7.
Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virtuaria PagBank / PagSeguro para Woocommerce: from n/a through <= 3.6.3.
Improper HTML tag neutralization in sevenspark Contact Form 7 - Dynamic Text Extension through version 5.0.5 allows unauthenticated remote attackers to inject malicious scripts via a network-based attack with no user interaction required, resulting in confidentiality compromise through information disclosure. The vulnerability is classified as cross-site scripting (XSS) with low exploitability probability (EPSS 0.06%, percentile 18%), suggesting limited real-world attack incentive despite the network-accessible attack vector.
Missing access control in ConveyThis WordPress plugin through version 269.2 allows authenticated users with low-level privileges to execute unauthorized actions with high confidentiality, integrity, and availability impact. The vulnerability stems from improper enforcement of authorization checks (CWE-862), enabling privilege escalation by exploiting misconfigured access control security levels. No public exploit identified at time of analysis, with EPSS score of 0.06% indicating low predicted exploitation probability.
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through <= 8.9.4.
Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0.
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1.
Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through <= 3.12.4.