m4sh-wacker

2 exploits Active since Nov 2025

CVE-2025-60188 NOMISEC HIGH WORKING POC

Atarim <= 4.2.1 - Sensitive Data Exposure via Embedded Data Retrieval

Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.

22 stars

CVSS 7.5

View Code

CVE-2026-0594 NOMISEC MEDIUM WORKING POC

WordPress List Site Contributors <1.1.8 - XSS

The List Site Contributors plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'alpha' parameter in versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

3 stars

CVSS 6.1

View Code