CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2026/03/05 6:16 a.m.•1 views

CVE-2026-27987

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through = 2.12...

8.1CVSS0.00172EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 3:52 a.m.•5 views

CVE-2024-27987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through = 3.3.1...

7.1CVSS7.2AI score0.00077EPSS

Exploits0References1

Circl•added 2024/03/15 12:26 p.m.•5 views

CVE-2024-27987

creationtimestamp| type| source ---|---|--- 2024-03-15 12:26:26+00:00| seen| https://t.me/ctinow/208692 2024-03-15 12:31:30+00:00| seen| https://t.me/ctinow/208695 2025-02-19 21:02:49+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3likodssymu25...

7.1CVSS8.7AI score0.00077EPSS

Exploits0References3

NVD•added 2024/03/15 11:15 a.m.•6 views

CVE-2024-27987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through = 3.3.1...

7.1CVSS6.9AI score0.00077EPSS

Exploits0References2

CVE•added 2024/03/15 10:26 a.m.•55 views

CVE-2024-27987

CVE-2024-27987 is a Reflected XSS in the GiveWP Give plugin (WordPress) caused by improper neutralization of input during web page generation. Affected versions: GiveWP standalone? listed as up to 3.3.1 (per the CVE entry). Connected documents corroborate the vulnerability description but do not ...

7.1CVSS7.2AI score0.00077EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/03/15 10:26 a.m.•13 views

CVE-2024-27987 WordPress Give plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through = 3.3.1...

7.1CVSS7.1AI score0.00077EPSS

Exploits0References1

Patchstack•added 2024/03/15 12:0 a.m.•6 views

WordPress GiveWP Plugin <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)

Software GiveWP Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27987 Patch priority Medium CVSS severity Medium 7.1 Developer Liquid Web / StellarWP PSID 221b899ac821 Credits Rafie Muhammad Patchstack Required...

7.1CVSS6.5AI score0.00077EPSS

Exploits0References2Affected Software1

Circl•added 2023/04/10 12:22 p.m.•1 views

CVE-2023-27987

creationtimestamp| type| source ---|---|--- 2023-04-10 12:22:28+00:00| seen| https://t.me/cibsecurity/61738...

9.1CVSS8.6AI score0.00243EPSS

Exploits0References1

Cvelist•added 2023/04/10 7:37 a.m.•15 views

CVE-2023-27987 Apache Linkis gateway module token authentication bypass

In Apache Linkis =1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify t...

9.4AI score0.00243EPSS

Exploits0References2