Lucene search

12 matches found

CVE
added 2026/04/20 6:0 a.m. | 8 views

CVE-2024-7083

The CVE-2024-7083 issue affects the WordPress Email Encoder (Email Encoder Bundle) plugin, prior to version 2.3.4. Root cause: insufficient sanitization/escaping of certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in mul...

3.5 CVSS | 5.7 AI score | 0.00213 EPSS
Exploits 0 | References 1

EUVD
added 2026/03/18 6:31 p.m. | 4 views

EUVD-2025-208829

MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management cUsers.cfc addToGroup method that allows attackers to escalate privileges by adding any user to any group without proper authorization checks. The vulnerable function lacks CSRF token...

5.9 AI score | 0.00128 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-58844

Malicious code in bioql PyPI...

6.1 CVSS | 6.3 AI score | 0.00401 EPSS
Exploits 2 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-54252

Malicious code in bioql PyPI...

4.8 CVSS | 5.2 AI score | 0.00402 EPSS
Exploits 2 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-53912

Malicious code in bioql PyPI...

6.1 CVSS | 9.2 AI score | 0.0061 EPSS
Exploits 1 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-59333

Malicious code in bioql PyPI...

6.1 CVSS | 6.4 AI score | 0.0046 EPSS
Exploits 2 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-34673

Malicious code in bioql PyPI...

4.8 CVSS | 5.2 AI score | 0.00493 EPSS
Exploits 2 | References 1

Cvelist
added 2025/05/15 8:6 p.m. | 11 views

CVE-2024-10054 Happyforms < 1.26.3 - Admin+ Stored XSS

The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

0.00266 EPSS
Exploits 1 | References 1

NVD
added 2025/03/13 6:15 a.m. | 7 views

CVE-2025-1486

The WoWPth WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1 CVSS | 0.00253 EPSS
Exploits 1 | References 1

NVD
added 2025/02/26 1:15 p.m. | 7 views

CVE-2024-13624

The WPMovieLibrary WordPress plugin through 2.1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1 CVSS | 0.00654 EPSS
Exploits 1 | References 1

OSV
added 2025/02/04 6:15 a.m. | 2 views

CVE-2024-13330

The JustRows free WordPress plugin through 0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1 CVSS | 7.3 AI score | 0.0055 EPSS
Exploits 1 | References 1

OSV
added 2022/12/26 1:15 p.m. | 3 views

CVE-2022-4042

The Paytium: Mollie payment forms & donations WordPress plugin before 4.3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in...

4.8 CVSS | 5.8 AI score | 0.0047 EPSS
Exploits 2 | References 1