CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/05/23 9:52 a.m.•3 views

CVE-2024-37502

Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through = 2.6.3...

7.5CVSS5.9AI score0.00437EPSS

Exploits0References1

Circl•added 2025/03/26 6:25 p.m.•0 views

CVE-2021-37502

creationtimestamp| type| source ---|---|--- 2025-03-26 18:25:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8914...

5.4CVSS5.5AI score0.00168EPSS

Exploits1References1

Vulnrichment•added 2024/07/09 8:57 a.m.•26 views

CVE-2024-37502 WordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login.This issue affects WooCommerce Social Login: from n/a through 2.6.3...

5.4CVSS7AI score0.00437EPSS

Exploits0References1

CVE•added 2024/07/09 8:57 a.m.•60 views

CVE-2024-37502

CVE-2024-37502 affects the WooCommerce – Social Login plugin for WordPress, with affected versions up to 2.6.3. The vulnerability is described in the connected Wordfence entry as an unauthenticated PHP Object Injection resulting from deserialization of untrusted data. Impact is described as high ...

7.5CVSS5.9AI score0.00437EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/07/05 12:0 a.m.•7 views

WordPress WooCommerce Social Login Plugin <= 2.6.3 is vulnerable to PHP Object Injection

Software WooCommerce Social Login Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.7.0 OWASP Top 10 A5: Security Misconfiguration Classification PHP Object Injection CVE CVE-2024-37502 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 642655a733d8 Credits Ananda Dhak...

5.4CVSS6.5AI score0.00437EPSS

Exploits0References1Affected Software1

CVE•added 2023/10/18 10:51 p.m.•54 views

CVE-2023-37502

The CVE-2023-37502 issue affects HCL Compass (file upload). The connected CNVD and CNNVD entries describe an unrestricted file upload vulnerability due to inadequate validation of uploaded files, enabling an attacker to upload files containing active code that could execute on the server (e.g., P...

9CVSS8.8AI score0.00089EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/10/18 10:51 p.m.•20 views

CVE-2023-37502 An unrestricted file upload vulnerability affects HCL Compass

HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser...

9CVSS7.3AI score0.00089EPSS

Exploits0References1

Cvelist•added 2023/10/18 10:51 p.m.•15 views

CVE-2023-37502 An unrestricted file upload vulnerability affects HCL Compass

HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser...

9CVSS9.3AI score0.00089EPSS

Exploits0References1

CVE•added 2023/02/03 12:0 a.m.•55 views

CVE-2021-37502

CVE-2021-37502 concerns automad 1.7.5. The vulnerability is a Cross-Site Scripting (XSS) flaw in the user-creation flow, exploitable via the username field when adding a new user. The root cause appears to be insufficient input validation/escaping in accounts.php, allowing injected JavaScript to ...

5.4CVSS5.3AI score0.00168EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by