CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Circl•added 2025/12/09 7:58 a.m.•2 views

CVE-2025-41697

creationtimestamp| type| source ---|---|--- 2025-12-09 07:58:11+00:00| seen| https://infosec.exchange/users/certvde/statuses/115688544042508118 2025-12-09 11:41:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7khlisvzr2n 2025-12-18 14:29:08+00:00| seen|...

6.8CVSS5.8AI score0.00026EPSS

Exploits0References3

EUVD•added 2025/11/10 4:5 a.m.•1 views

EUVD-2025-41697

Malicious code in andi-getuk96-sukiwir npm...

6.6AI score

Exploits0

RedhatCVE•added 2025/05/23 5:13 a.m.•9 views

CVE-2023-41697

Cross-Site Request Forgery CSRF vulnerability in Nikunj Soni Easy WP Cleaner plugin = 1.9 versions...

8.8CVSS7.1AI score0.00147EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:48 p.m.•4 views

CVE-2021-41697

A reflected Cross Site Scripting XSS vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerrordescription parameter in assets/sources/instagram.php script...

6.1CVSS5.9AI score0.0024EPSS

Exploits1

Circl•added 2024/08/20 2:37 p.m.•0 views

CVE-2024-41697

creationtimestamp| type| source ---|---|--- 2024-08-20 14:37:02+00:00| seen| https://t.me/cvedetector/3614...

6.1CVSS4.8AI score0.00259EPSS

Exploits0References1

OSV•added 2024/08/20 12:15 p.m.•1 views

CVE-2024-41697

Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2024/08/20 12:15 p.m.•25 views

CVE-2024-41697

Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...

6.1CVSS0.00259EPSS

Exploits0References1

Vulnrichment•added 2024/08/20 11:48 a.m.•15 views

CVE-2024-41697 Priority – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...

6.1CVSS6.8AI score0.00259EPSS

Exploits0References1

Circl•added 2023/10/10 12:30 p.m.•0 views

CVE-2023-41697

creationtimestamp| type| source ---|---|--- 2023-10-10 12:30:04+00:00| seen| https://t.me/cibsecurity/71901...

8.8CVSS8.6AI score0.00147EPSS

Exploits0References1

NVD•added 2023/10/10 8:15 a.m.•7 views

CVE-2023-41697

Cross-Site Request Forgery CSRF vulnerability in Nikunj Soni Easy WP Cleaner plugin = 1.9 versions...

8.8CVSS5.8AI score0.00147EPSS

Exploits0References1

CVE•added 2023/10/10 7:39 a.m.•31 views

CVE-2023-41697

CVE-2023-41697: CSRF in Easy WP Cleaner plugin for WordPress (versions <= 1.9). Exploitation requires no privileges and is unauthenticated; CSRF could enable unintended actions on affected sites. Connected sources confirm the issue as CSRF and indicate versions

8.8CVSS6.4AI score0.00147EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/09/05 12:0 a.m.•6 views

WordPress Easy WP Cleaner Plugin <= 1.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Easy WP Cleaner Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41697 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 515d5d148a8d Credits Mika Required privilege...

8.8CVSS6.6AI score0.00147EPSS

Exploits0References2Affected Software1

CVE•added 2022/12/23 11:3 p.m.•86 views

CVE-2022-41697

CVE-2022-41697 affects Ghost CMS 5.9.4, where the login flow returns distinct error messages that allow attacker-driven user enumeration. The Nuclei template and related sources confirm a vulnerability in Ghost’s authentication, enabling an attacker to determine valid usernames/emails via special...

5.3CVSS5AI score0.18554EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2022/12/23 11:3 p.m.•5 views

CVE-2022-41697

A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability...

5.3CVSS5.1AI score0.18554EPSS

Exploits2References1

Circl•added 2022/12/22 12:13 p.m.•2 views

CVE-2022-41697

creationtimestamp| type| source ---|---|--- 2022-12-22 12:13:32+00:00| seen| https://t.me/cibsecurity/55107 2026-01-20 14:01:28+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-41697.yaml 2026-01-21 21:03:00+00:00| seen|...

5.3CVSS5.6AI score0.18554EPSS

Exploits2References3

The Hacker News•added 2022/12/22 10:9 a.m.•55 views

Two New Security Flaws Reported in Ghost CMS Blogging Software

Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests. Ghost is an open source blogging platform that's used in more than 52,600 live websites, mos...

0.5AI score0.18554EPSS

Exploits3

Circl•added 2021/12/09 6:24 p.m.•0 views

CVE-2021-41697

creationtimestamp| type| source ---|---|--- 2021-12-09 18:24:11+00:00| seen| https://t.me/cibsecurity/33702...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

NVD•added 2021/12/09 4:15 p.m.•11 views

CVE-2021-41697

A reflected Cross Site Scripting XSS vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerrordescription parameter in assets/sources/instagram.php script...

6.1CVSS0.0024EPSS

Exploits1References1

CVE•added 2021/12/09 3:35 p.m.•32 views

CVE-2021-41697

A reflected Cross Site Scripting (XSS) vulnerability exists in Belloo/Premiumdatingscript around version 4.2.7.7, exploitable via the aerror_description parameter in assets/sources/instagram.php. Sources in CNVD/CNNVD/Red Hat/CVE listings describe a client-side JavaScript execution risk due to in...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by