CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

72 matches found

GithubExploit•added 6 days ago•59 views

Exploit for Code Injection in Backupbliss Backup_Migration

WordPressBackupMigration-RCEUnauth...

9.8CVSS5.8AI score0.93531EPSS

Exploits14

Circl•added 2026/04/21 11:16 a.m.•0 views

CVE-2026-6553

creationtimestamp| type| source ---|---|--- 2026-04-21 11:16:33+00:00| published-proof-of-concept| Telegram/Kfu-jY0-fwjq6nikv0Y5FAaiWBVRI0K7iXQovwBJu867kaE...

7.5CVSS4.8AI score0.0002EPSS

Exploits0

NVD•added 2026/04/21 10:16 a.m.•4 views

CVE-2026-6553

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

7.5CVSS0.0002EPSS

Exploits0References2

OSV•added 2026/03/19 2:15 p.m.•1 views

MINI-6553-G45J-M7P2

Bulletin has no description...

9.1CVSS5.7AI score0.0002EPSS

Exploits1

Exploit DB•added 2026/03/03 12:0 a.m.•159 views

WordPress Backup Migration 1.3.7 - Remote Command Execution

Exploit Title: WordPress Backup Migration 1.3.7 - Remote Command Execution Date: 2025-10-26 Exploit Author: DANG Vendor Homepage: https://backupbliss.com/ Software Link: https://wordpress.org/plugins/backup-backup/ Version: Backup Migration ≤1.3.7 Tested on: LINUX CVE : CVE-2023-6553 This module...

9.8CVSS5.9AI score0.93531EPSS

Exploits14

Circl•added 2025/10/11 9:17 a.m.•1 views

CVE-2025-6553

creationtimestamp| type| source ---|---|--- 2025-10-11 09:17:20+00:00| seen| Telegram/3LgvelQfwrsVcy3NYZJ1pT4IoT0-HumiarWdZJocbY-Noqs...

9.8CVSS4.8AI score0.00499EPSS

Exploits0

Patchstack•added 2025/10/10 11:36 p.m.•4 views

WordPress Ovatheme Events Manager plugin <= 1.8.5 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Ovatheme Events Manager versions = 1.8.5...

9.8CVSS6.8AI score0.00499EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 8:2 a.m.•5 views

CVE-2024-6553

The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.3.This is due to the plugin utilizing wpdesk and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to...

5.3CVSS6.5AI score0.00746EPSS

Exploits0References1

GithubExploit•added 2024/11/07 3:28 a.m.•492 views

Exploit for CVE-2023-6553

CVE-2023-6553 Exploit Development for CVE-2023-6553 on Backup...

9.8CVSS9.8AI score0.93531EPSS

Exploits14

Tenable Nessus•added 2024/10/09 12:0 a.m.•17 views

CentOS 6 : chromium-browser (RHSA-2020:3560)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3560 advisory. - Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

9.3CVSS7.9AI score0.22641EPSS

Exploits1References16

Circl•added 2024/07/24 9:57 a.m.•0 views

CVE-2024-6553

creationtimestamp| type| source ---|---|--- 2024-07-24 09:57:39+00:00| seen| https://t.me/cvedetector/1545...

5.3CVSS4.8AI score0.00746EPSS

Exploits0References1

OSV•added 2024/07/24 7:15 a.m.•1 views

CVE-2024-6553

5.3CVSS5.8AI score

Exploits0References2

Vulnrichment•added 2024/07/24 6:42 a.m.•12 views

CVE-2024-6553 WP Meteor Website Speed Optimization Addon <= 3.4.3 - Unauthenticated Full Path Disclosure

5.3CVSS6.6AI score0.00746EPSS

Exploits0References2

Patchstack•added 2024/07/24 12:0 a.m.•7 views

WordPress WP Meteor Page Speed Optimization Topping Plugin <= 3.4.3 is vulnerable to Sensitive Data Exposure

Software WP Meteor Page Speed Optimization Topping Type Plugin Vulnerable versions = 3.4.3 Fixed in 3.4.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6553 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1299014de04b Credits...

5.3CVSS6.6AI score0.00746EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2024/07/24 12:0 a.m.•16 views

Photon OS 4.0: Cups PHSA-2023-4.0-0425

An update of the cups package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0425. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.8CVSS7AI score0.00148EPSS

Exploits0References6

GithubExploit•added 2024/06/29 5:1 p.m.•280 views

Exploit for CVE-2023-6553

CVE-2023-6553 Due to a incorrect include statement in the "...

9.8CVSS8.2AI score0.93531EPSS

Exploits14

OpenVAS•added 2024/04/22 12:0 a.m.•23 views

WordPress Backup Migration Plugin < 1.3.8 RCE Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:backupbliss:backupmigration"; if description...

9.8CVSS9.6AI score0.93531EPSS

Exploits14References1

Packet Storm•added 2024/01/18 12:0 a.m.•544 views

WordPress Backup Migration 1.3.7 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Backup Migration Plugin PHP Filter Chain RCE', 'Description' = %q This module exploits an unauth RCE in the WordPress plugin: Backup...

9.8CVSS7.4AI score0.93531EPSS

Exploits14

GithubExploit•added 2023/12/27 2:14 p.m.•608 views

Exploit for CVE-2023-6553

CVE-2023-6553 PoC LFI to RCE Unauthenticated Remote Code Ex...

9.8CVSS9.8AI score0.93531EPSS

Exploits14