CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

108 matches found

CVE-2026-42683

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

7.1CVSS0.00033EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

7.1CVSS5.8AI score0.00033EPSS

Exploits0References1

ATTACKERKB•added 3 days ago•3 views

CVE-2026-42683

7.1CVSS5.8AI score0.00033EPSS

Exploits0References2

Cvelist•added 3 days ago•22 views

CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00033EPSS

Exploits0References1

Positive Technologies•added 3 days ago•8 views

PT-2026-45436

Name of the Vulnerable Software and Affected Versions e4jvikwp VikBooking Hotel Booking Engine & PMS versions prior to 1.8.9 Description Improper neutralization of input during web page generation allows DOM-Based Cross-Site Scripting XSS, a flaw where the application contains client-side scripts...

7.1CVSS5.9AI score0.00033EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в python-webob

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user will be redirected to using Python’s urlparse function, and joining that parsed URL to the base URL. However, the...

6.1CVSS6.2AI score0.00263EPSS

Exploits1References2

Tenable Nessus•added 2026/05/11 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017573 advisory. Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and...

7.5CVSS6.8AI score0.00425EPSS

Exploits0References4

Patchstack•added 2026/02/03 7:55 a.m.•5 views

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin = 1.8.8 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Pins for Pinterest versions = 1.8.8...

6.4CVSS5.3AI score0.00233EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•3 views

WordPress Pagelayer plugin < 1.8.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Jeewan Kumar Bhatta in WordPress Plugin PageLayer versions 1.8.8...

4.8CVSS5.9AI score0.00166EPSS

Exploits1References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-10230

Malware in sbrugna...

9.8CVSS9.5AI score0.01105EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-44810

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00061EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-57424

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00086EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-0201

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00263EPSS

Exploits1References5

Patchstack•added 2025/09/03 3:5 p.m.•6 views

WordPress WP Delicious Plugin <= 1.8.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin WP Delicious versions = 1.8.7...

6.5CVSS6AI score0.00047EPSS

Exploits0Affected Software1

CNNVD•added 2025/08/05 12:0 a.m.•1 views

Glossword 安全漏洞

Glossword is a free dictionary application by DmitrySh Individual Developer. A security vulnerability exists in Glossword versions 1.8.8 through 1.8.12, which stems from an unvalidated uploaded file type and could lead to arbitrary file uploads and remote code execution...

9.4CVSS7.9AI score0.52988EPSS

Exploits0References7

RedhatCVE•added 2025/06/23 8:40 a.m.•2 views

CVE-2025-52710

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n/a through = 1.8.8...

5.9CVSS5.9AI score0.0017EPSS

Exploits0References1

Cvelist•added 2025/06/20 3:3 p.m.•9 views

CVE-2025-52710 WordPress File Manager Pro plugin <= 1.8.8 - Cross Site Scripting (XSS) Vulnerability

5.9CVSS0.0017EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:27 a.m.•4 views

CVE-2024-43335

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...

6.5CVSS6.8AI score0.00155EPSS

Exploits0

RedhatCVE•added 2025/05/23 7:51 a.m.•3 views

CVE-2024-11453

The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gspinwidget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping...

6.4CVSS5.8AI score0.00233EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:21 a.m.•6 views

CVE-2024-44054

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CryoutCreations Fluida allows Stored XSS.This issue affects Fluida: from n/a through 1.8.8...

6.5CVSS6.8AI score0.00143EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by