CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/06/05 7:28 p.m.•6 views

CVE-2026-4071

The BirdSeed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing nonce validation in the birdseedpluginsettingspage function. The function processes the 'birdseedtoken' GET parameter and saves it to the database via...

4.3CVSS5.4AI score0.00131EPSS

Exploits0References1

NVD•added 2026/06/02 9:16 a.m.•10 views

CVE-2026-4071

4.3CVSS0.00131EPSS

Exploits0References5

ATTACKERKB•added 2026/06/02 7:48 a.m.•6 views

CVE-2026-4071

4.3CVSS5.7AI score0.00131EPSS

Exploits0References6

CVE•added 2026/06/02 7:48 a.m.•18 views

CVE-2026-4071

The BirdSeed WordPress plugin is affected by a Cross-Site Request Forgery in all versions up to and including 2.2.0. The root cause is missing nonce validation in the birdseed_plugin_settings_page() function, which processes the birdseed_token GET parameter and saves it via update_option() withou...

4.3CVSS5.7AI score0.00131EPSS

Exploits0References5

Cvelist•added 2026/06/02 7:48 a.m.•37 views

CVE-2026-4071 BirdSeed <= 2.2.0 - Cross-Site Request Forgery via BirdSeed Token Change

4.3CVSS0.00131EPSS

Exploits0References5

EUVD•added 2026/06/02 7:48 a.m.•10 views

EUVD-2026-33888

4.3CVSS5.7AI score0.00131EPSS

Exploits0References5

CNNVD•added 2026/06/02 12:0 a.m.•5 views

WordPress plugin BirdSeed 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00131EPSS

Exploits0References5