CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

Circl•added 2026/03/27 3:0 a.m.•2 views

CVE-2026-32678

creationtimestamp| type| source ---|---|--- 2026-03-27 03:00:00+00:00| seen| https://jvn.jp/en/jp/JVN83788689/ 2026-03-27 07:18:31+00:00| seen| Telegram/tQ8akL20JB-7ffGjDDpJsYVoTg18MfzS3yyGF6GBW7nNPwo 2026-03-27 07:18:51+00:00| seen| Telegram/P-c6qw41ZnFxRT6ZQxEHaCculf4buxnen-CyMrcI5qxOnbs...

8.7CVSS7.7AI score0.00107EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 3:50 a.m.•6 views

CVE-2023-32678

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that the...

6.5CVSS6.8AI score0.00038EPSS

Exploits0References1

RedhatCVE•added 2025/04/11 6:16 p.m.•13 views

CVE-2025-32678

Cross-Site Request Forgery CSRF vulnerability in Ashish Ajani WP Show Stats wp-show-stats allows Cross Site Request Forgery.This issue affects WP Show Stats: from n/a through = 1.5...

4.3CVSS7.2AI score0.00333EPSS

Exploits0References1

NVD•added 2025/04/09 5:15 p.m.•11 views

CVE-2025-32678

Cross-Site Request Forgery CSRF vulnerability in Ashish Ajani WP Show Stats wp-show-stats allows Cross Site Request Forgery.This issue affects WP Show Stats: from n/a through = 1.5...

4.3CVSS0.00333EPSS

Exploits0References1

CVE•added 2025/04/09 4:9 p.m.•52 views

CVE-2025-32678

CVE-2025-32678 is a CSRF in the WordPress plugin WP Show Stats, affecting versions up to 1.5 (noted as from n/a through 1.5). The entry specifies a Cross-Site Request Forgery vulnerability with a CVSS v3.1 base score of 4.3 (Medium) and does not provide details on patch/version that fixes it. The...

4.3CVSS7.2AI score0.00333EPSS

Exploits0References1

Cvelist•added 2025/04/09 4:9 p.m.•10 views

CVE-2025-32678 WordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ashish Ajani WP Show Stats wp-show-stats allows Cross Site Request Forgery.This issue affects WP Show Stats: from n/a through = 1.5...

4.3CVSS0.00333EPSS

Exploits0References1

Vulnrichment•added 2025/04/09 4:9 p.m.•5 views

CVE-2025-32678 WordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ashish Ajani WP Show Stats allows Cross Site Request Forgery. This issue affects WP Show Stats: from n/a through 1.5...

4.3CVSS4.7AI score0.00333EPSS

Exploits0References1

Patchstack•added 2025/04/09 3:28 p.m.•2 views

WordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Show Stats versions = 1.5...

4.3CVSS8.2AI score0.00333EPSS

Exploits0Affected Software1

NVD•added 2024/04/24 4:15 p.m.•10 views

CVE-2024-32678

Missing Authorization vulnerability in TrackShip TrackShip for WooCommerce.This issue affects TrackShip for WooCommerce: from n/a through 1.7.5...

5.3CVSS5.3AI score0.00084EPSS

Exploits0References1

Cvelist•added 2024/04/24 3:21 p.m.•16 views

CVE-2024-32678 WordPress TrackShip for WooCommerce plugin <= 1.7.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in TrackShip TrackShip for WooCommerce.This issue affects TrackShip for WooCommerce: from n/a through 1.7.5...

5.3CVSS5.6AI score0.00084EPSS

Exploits0References1

CVE•added 2024/04/24 3:21 p.m.•82 views

CVE-2024-32678

CVE-2024-32678 is a Missing Authorization vulnerability in TrackShip for WooCommerce, affecting TrackShip for WooCommerce versions up to 1.7.5. The entry states a Missing Authorization issue but does not provide attack vectors or explicit impact beyond unauthorized access possibility. CVSS v3.1 b...

5.3CVSS5.1AI score0.00084EPSS

Exploits0References1

Patchstack•added 2024/04/17 12:0 a.m.•9 views

WordPress TrackShip for WooCommerce Plugin <= 1.7.5 is vulnerable to Broken Access Control

Software TrackShip for WooCommerce Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32678 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ba4fb93f7ec5 Credits Dhabaleshwar Das...

5.3CVSS6.6AI score0.00084EPSS

Exploits0References2Affected Software1

Circl•added 2023/08/26 12:14 a.m.•4 views

CVE-2023-32678

creationtimestamp| type| source ---|---|--- 2023-08-26 00:14:23+00:00| seen| https://t.me/cibsecurity/69211...

6.5CVSS6.3AI score0.00038EPSS

Exploits0References1

NVD•added 2023/08/25 9:15 p.m.•11 views

CVE-2023-32678

6.5CVSS6.5AI score0.00038EPSS

Exploits0References2

Vulnrichment•added 2023/08/25 8:4 p.m.•14 views

CVE-2023-32678 Zulip vulnerable to insufficient authorization check for edition/deletion of messages and topics in private streams by former subscribers

6.5CVSS7AI score0.00038EPSS

Exploits0References2

CVE•added 2023/08/25 8:4 p.m.•50 views

CVE-2023-32678

Zulip CVE-2023-32678 describes an authorization flaw in Zulip Server prior to 7.3 where former subscribers of private streams could still edit, move, or delete messages and topics they had previously accessed. The issue arises from insufficient checks on who can modify or remove content in privat...

6.5CVSS6.4AI score0.00038EPSS

Exploits0References2Affected Software1

Circl•added 2021/07/12 4:17 p.m.•3 views

CVE-2021-32678

creationtimestamp| type| source ---|---|--- 2021-07-12 16:17:56+00:00| seen| https://t.me/cibsecurity/26059...

5.3CVSS5.4AI score0.00302EPSS

Exploits0References1

CVE•added 1976/01/01 12:0 a.m.•26 views

CVE-2022-32678

CVE-2022-32678 is rejected/not used and does not represent an active vulnerability entry.

7.3AI score

Exploits0