CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

CNNVD•added 2026/02/20 12:0 a.m.•3 views

WordPress plugin Quiz And Survey Master SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.5CVSS6.1AI score0.00044EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:12 a.m.•4 views

CVE-2022-0510

Cross-site Scripting XSS - Reflected in Packagist pimcore/pimcore prior to 10.3.1...

5.4CVSS6AI score0.00041EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:12 a.m.•1 views

CVE-2022-0509

Cross-site Scripting XSS - Stored in Packagist pimcore/pimcore prior to 10.3.1...

6.6CVSS6.1AI score0.00054EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:41 a.m.•7 views

CVE-2022-0565

Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1...

7.6CVSS6.8AI score0.00053EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:16 a.m.•2 views

CVE-2025-9294

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...

4.3CVSS5AI score0.00034EPSS

Exploits0References1

OSV•added 2026/01/06 10:15 a.m.•1 views

CVE-2025-9637

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

6.5CVSS5.8AI score

Exploits0References4

Vulnrichment•added 2026/01/06 9:20 a.m.•1 views

CVE-2025-9318 Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based SQL Injection via the ‘islinking’ parameter in all versions up to, and including, 10.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

6.5CVSS6.2AI score0.00025EPSS

Exploits0References2

NVD•added 2026/01/06 9:15 a.m.•1 views

CVE-2025-9294

4.3CVSS0.00034EPSS

Exploits0References3

Positive Technologies•added 2026/01/06 12:0 a.m.•3 views

PT-2026-1427

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress versions through 10.3.1 Description The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is susceptible to unauthorized data loss. This...

4.3CVSS6.1AI score0.00034EPSS

Exploits0References9

CNNVD•added 2026/01/06 12:0 a.m.•2 views

WordPress plugin Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress...

6.5CVSS7.8AI score0.00025EPSS

Exploits0References3

NVD•added 2025/12/09 4:18 p.m.•2 views

CVE-2025-63054

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through = 10.3.2...

5.3CVSS0.00013EPSS

Exploits0References1

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-50054

7AI score0.00013EPSS

Exploits0References2

Patchstack•added 2025/10/30 12:0 a.m.•10 views

WordPress SmartMag Theme <= 10.3.1 is vulnerable to Cross Site Scripting (XSS)

Software SmartMag Type Theme Vulnerable versions = 10.3.1 Fixed in 10.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-64204 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6a240fc7988d Credits João Pedro S Alcântara Kinorth Required...

6.5CVSS5.9AI score0.0003EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/29 9:30 a.m.•3 views

EUVD-2025-36623

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

6.5CVSS5.5AI score0.0003EPSS

Exploits0References2

Vulnrichment•added 2025/10/29 8:38 a.m.•3 views

CVE-2025-64204 WordPress SmartMag theme <= 10.3.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.6AI score0.0003EPSS

Exploits0References1

CNNVD•added 2025/10/29 12:0 a.m.•1 views

WordPress plugin SmartMag 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS5.8AI score0.0003EPSS

Exploits0References1

Positive Technologies•added 2025/10/29 12:0 a.m.•3 views

PT-2025-44248

Name of the Vulnerable Software and Affected Versions ThemeSphere SmartMag versions through 10.3.1 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks...

6.5CVSS5.6AI score0.0003EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-1040

Malicious code in bioql PyPI...

7.6CVSS6.8AI score0.00053EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-0959

Malicious code in bioql PyPI...

6.6CVSS6.1AI score0.00054EPSS

Exploits1References4