CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4952 matches found

EUVD•added 2026/02/27 9:8 p.m.•8 views

EUVD-2026-9074

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.2.2, a malicious or compromised validator that is elected as proposer can publish a macro block proposal where header.bodyroot does not match the...

7.1CVSS6AI score0.00204EPSS

Exploits0References4

RedhatCVE•added 2026/02/26 10:14 a.m.•5 views

CVE-2026-1614

The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘logoTag’ Site Identity block attribute in all versions up to, and including, 3.7 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00156EPSS

Exploits0References1

EUVD•added 2026/02/25 9:30 a.m.•5 views

EUVD-2026-8624

6.4CVSS5.6AI score0.00156EPSS

Exploits0References3

NVD•added 2026/02/25 7:16 a.m.•10 views

CVE-2026-1614

6.4CVSS0.00156EPSS

Exploits0References2

Cvelist•added 2026/02/25 6:54 a.m.•22 views

CVE-2026-1614 Rise Blocks – A Complete Gutenberg Page Builder <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Identity Block Attributes

6.4CVSS0.00156EPSS

Exploits0References2

ATTACKERKB•added 2026/02/25 6:54 a.m.•4 views

CVE-2026-1614

6.4CVSS5.6AI score0.00156EPSS

Exploits0References3

CVE•added 2026/02/25 6:54 a.m.•14 views

CVE-2026-1614

The CVE-2026-1614 entry concerns Rise Blocks – A Complete Gutenberg Page Builder (WordPress). It describes a Stored Cross-Site Scripting (Stored XSS) vulnerability in the Site Identity block attribute logoTag, exploitable by authenticated attackers with Contributor-level access and above. Affecte...

6.4CVSS5.6AI score0.00156EPSS

Exploits0References2

Vulnrichment•added 2026/02/25 6:54 a.m.•3 views

CVE-2026-1614 Rise Blocks – A Complete Gutenberg Page Builder <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Identity Block Attributes

6.4CVSS5.6AI score0.00156EPSS

Exploits0References2

Positive Technologies•added 2026/02/25 12:0 a.m.•5 views

PT-2026-21881

6.4CVSS5.6AI score0.00156EPSS

Exploits0References3

CNNVD•added 2026/02/25 12:0 a.m.•9 views

WordPress plugin Rise Blocks 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00156EPSS

Exploits0References2

Patchstack•added 2026/02/24 10:26 p.m.•5 views

WordPress Rise Blocks - A Complete Gutenberg Page Builder plugin <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Identity Block Attributes vulnerability

WordPress Rise Blocks - A Complete Gutenberg Page Builder plugin = 3.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Site Identity Block Attributes vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Rise Blocks versions = 3.7...

6.4CVSS5.3AI score0.00156EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/02/21 7:30 p.m.•4 views

CVE-2025-69390

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themebon Business Template Blocks for WPBakery Visual Composer Page Builder templates-and-addons-for-wpbakery-page-builder allows Reflected XSS.This issue affects Business Template Blocks for...

7.1CVSS5.5AI score0.00175EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•4 views

CVE-2024-50452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through = 3.3.3...

6.5CVSS5.5AI score0.00215EPSS

Exploits0References1

Veracode•added 2026/02/21 5:6 a.m.•7 views

Remote Code Execution (RCE)

agpt Platform is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper validation in block execution endpoints that allow execution of disabled blocks by UUID without checking the disabled flag, which allows an authenticated attacker to execute the BlockInstallationBlock,...

9.4CVSS6.2AI score0.01147EPSS

Exploits1References7Affected Software1

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2025-69390

7.1CVSS0.00175EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•5 views

CVE-2024-50452

6.5CVSS0.00215EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•12 views

CVE-2025-69390

CVE-2025-69390 affects the WordPress plugin 'Business Template Blocks for WPBakery (Visual Composer) Page Builder' (templates-and-addons-for-wpbakery-page-builder). It is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affec...

7.1CVSS5.5AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•4 views

CVE-2025-69390 WordPress Business Template Blocks for WPBakery (Visual Composer) Page Builder plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.3AI score0.00175EPSS

Exploits0References1

Cvelist•added 2026/02/20 3:46 p.m.•22 views

CVE-2025-69390 WordPress Business Template Blocks for WPBakery (Visual Composer) Page Builder plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•2 views

CVE-2024-50452 WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.3AI score0.00215EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by