Known Vulnerabilities for Homepage by Homepage Project
Listed below are 1 of the newest known vulnerabilities associated with "Homepage" by "Homepage Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54393 json | A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previous... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-48823 json | Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting (XSS) vulnerabilit... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-44429 json | The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the publ... | Not Provided | 2026-05-14 | 2026-05-15 |
| CVE-2025-49453 json | Cross-Site Request Forgery (CSRF) vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows St... | Not Provided | 2025-06-06 | 2026-04-23 |
| CVE-2025-12714 json | The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized access due to ... | Not Provided | 2026-05-29 | 2026-05-29 |
| CVE-2024-24889 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Geek Code Lab All 404 P... | Not Provided | 2024-02-12 | 2026-04-28 |
| CVE-2023-47530 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPVibes Redirect 404 Er... | Not Provided | 2023-12-18 | 2026-04-28 |
| CVE-2023-31805 json | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary ... | Not Provided | 2023-05-09 | 2026-07-09 |
| CVE-2022-43480 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions... | Not Provided | 2023-04-16 | 2026-04-28 |
| CVE-2022-31548 json | The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file funct... | 9.3 - CRITICAL | 2022-07-11 | 2022-07-15 |