CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/23 12:0 p.m.•4 views

CVE-2025-24727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Contact Form Email contact-form-to-email allows Stored XSS.This issue affects Contact Form Email: from n/a through = 1.3.52...

5.9CVSS7.2AI score0.00088EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:29 p.m.•7 views

CVE-2021-24727

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

8.8CVSS7.3AI score0.01111EPSS

Exploits2References1

Circl•added 2025/01/24 8:16 p.m.•5 views

CVE-2025-24727

creationtimestamp| type| source ---|---|--- 2025-01-24 20:16:12+00:00| seen| https://t.me/cvedetector/16334 2025-01-24 22:47:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113885762831196914...

5.9CVSS7.3AI score0.00088EPSS

Exploits0References2

NVD•added 2025/01/24 6:15 p.m.•13 views

CVE-2025-24727

5.9CVSS0.00088EPSS

Exploits0References1

CVE•added 2025/01/24 5:25 p.m.•78 views

CVE-2025-24727

CVE-2025-24727 affects the WordPress plugin Contact Form Email (CodePeople) up to v1.3.52. The description confirms a stored XSS due to improper input neutralization during web page generation. Multiple sources in the connected set (NVD, CVE lists, Red Hat advisory) corroborate the vulnerability;...

5.9CVSS7.2AI score0.00088EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/01/24 5:25 p.m.•6 views

CVE-2025-24727 WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodePeople Contact Form Email allows Stored XSS. This issue affects Contact Form Email: from n/a through 1.3.52...

5.9CVSS5.7AI score0.00088EPSS

Exploits0References1

Cvelist•added 2025/01/24 5:25 p.m.•12 views

CVE-2025-24727 WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00088EPSS

Exploits0References1

Circl•added 2022/03/04 8:30 p.m.•2 views

CVE-2022-24727

creationtimestamp| type| source ---|---|--- 2022-03-04 20:30:02+00:00| seen| https://t.me/cibsecurity/38441...

4.8AI score

Exploits0References1

CVE•added 2022/03/04 4:45 p.m.•142 views

CVE-2022-24727

CVE-2022-24727 is rejected/not used and does not represent an active vulnerability entry.

8.5AI score

Exploits0

Circl•added 2021/09/13 10:15 p.m.•3 views

CVE-2021-24727

creationtimestamp| type| source ---|---|--- 2021-09-13 22:15:13+00:00| seen| https://t.me/cibsecurity/28746...

8.8CVSS8.1AI score0.01111EPSS

Exploits2References1

CVE•added 2021/09/13 5:56 p.m.•57 views

CVE-2021-24727

CVE-2021-24727 concerns the StopBadBots WordPress plugin prior to 6.60. The vulnerability arises from not validating/escaping the order and orderby GET parameter on certain admin dashboard pages, enabling authenticated SQL injections. Impact is authenticated SQLi with partial confidentiality/inte...

8.8CVSS9AI score0.01111EPSS

Exploits2References3Affected Software1

Cvelist•added 2021/09/13 5:56 p.m.•13 views

CVE-2021-24727 Block and Stop Bad Bots < 6.60 - Authenticated SQL Injections

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

9.1AI score0.01111EPSS

Exploits2References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by