CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Cryptocurrency Widgets Pack < 2.0 - SQL Injection

The plugin does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2022-4059 info: name: Cryptocurrency Widgets Pack 2.0 - SQL Injection author: r3Y3r53 severity: critical description...

9.8CVSS7.3AI score0.56563EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-17240

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00143EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-8823

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00147EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-30703

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00042EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-26910

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00178EPSS

Exploits0References1

RedhatCVE•added 2025/09/24 6:30 p.m.•2 views

CVE-2025-57939

Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon image-hover-effects-addon-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Hover Effects – Elementor Addon: from n/a through = 1.4.4...

5.3CVSS5.9AI score0.00042EPSS

Exploits0References1

NVD•added 2025/09/22 7:15 p.m.•1 views

CVE-2025-57939

5.3CVSS0.00042EPSS

Exploits0References1

Positive Technologies•added 2025/09/22 12:0 a.m.•2 views

PT-2025-38789

Name of the Vulnerable Software and Affected Versions Blocksera Image Hover Effects – Elementor Addon versions through 1.4.4 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. Recommendations At the moment, there is no...

5.3CVSS6.3AI score0.00042EPSS

Exploits0References3

RedhatCVE•added 2025/06/08 1:18 p.m.•3 views

CVE-2025-31025

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksera Image Hover Effects Block image-hover-effects-block allows Stored XSS.This issue affects Image Hover Effects Block: from n/a through = 1.4.5...

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

NVD•added 2025/06/06 1:15 p.m.•3 views

CVE-2025-31025

6.5CVSS0.00143EPSS

Exploits0References1

CVE•added 2025/06/06 12:53 p.m.•35 views

CVE-2025-31025

CVE-2025-31025 refers to a Stored XSS in the WordPress plugin “Image Hover Effects Block.” The connected Wordfence vulnerability listing confirms: affected software is Image Hover Effects Block, vulnerable version

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

Positive Technologies•added 2025/06/06 12:0 a.m.•1 views

PT-2025-24196 · Blocksera · Blocksera Image Hover Effects Block

Name of the Vulnerable Software and Affected Versions: Blocksera Image Hover Effects Block versions 1.4.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

6.5CVSS6.2AI score0.00143EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 8:56 a.m.•5 views

CVE-2024-29936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksera Image Hover Effects – Elementor Addon allows Stored XSS.This issue affects Image Hover Effects – Elementor Addon: from n/a through 1.4...

6.5CVSS8.6AI score0.00178EPSS

Exploits0References1

RedhatCVE•added 2025/04/02 1:42 p.m.•10 views

CVE-2025-31539

Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...

6.5CVSS7.2AI score0.00147EPSS

Exploits0References1

NVD•added 2025/03/31 1:15 p.m.•3 views

CVE-2025-31539

6.5CVSS0.00147EPSS

Exploits0References1

CVE•added 2025/03/31 12:55 p.m.•57 views

CVE-2025-31539

CVE-2025-31539 concerns a Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack (WordPress). Affected: Blocksera Widgets Pack versions from n/a up to 2.0.1. Root cause: Incorrectly configured access control security levels leading to Missing Authorization. Impact: CVSS 3.1 ...

6.5CVSS7.2AI score0.00147EPSS

Exploits0References1

CNNVD•added 2025/03/31 12:0 a.m.•1 views

WordPress plugin Blocksera Cryptocurrency Widgets Pack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.3AI score0.00147EPSS

Exploits0References1

NVD•added 2024/03/27 11:15 a.m.•8 views

CVE-2024-29936

6.5CVSS6.4AI score0.00178EPSS

Exploits0References1

CVE•added 2024/03/27 10:19 a.m.•52 views

CVE-2024-29936

CVE-2024-29936 corresponds to a Stored XSS in the Image Hover Effects – Elementor Addon. Affected product: Image Hover Effects – Elementor Addon (

6.5CVSS8.6AI score0.00178EPSS

Exploits0References1

Rows per page