CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Circl•added 2024/12/17 12:51 p.m.•7 views

CVE-2024-47776

creationtimestamp| type| source ---|---|--- 2024-12-17 12:51:51+00:00| seen| https://github.blog/security/vulnerability-research/uncovering-gstreamer-secrets/...

9.1CVSS9.5AI score0.01139EPSS

Schneier on Security•added 2024/12/13 10:5 p.m.•9 views

Friday Squid Blogging: Biology and Ecology of the Colossal Squid

Good survey paper. Blog moderation policy...

7.3AI score

NVD•added 2024/12/13 3:15 p.m.•13 views

CVE-2024-54287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...

6.5CVSS0.00362EPSS

Cvelist•added 2024/12/13 2:25 p.m.•13 views

CVE-2024-54287 WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00362EPSS

CVE•added 2024/12/13 2:25 p.m.•35 views

CVE-2024-54287

CVE-2024-54287 describes an Authenticated Stored Cross‑Site Scripting (XSS) in the WordPress plugin Advanced Blog Post Block (block named “Advanced Blog Post Block”). Affected are versions up to and including 1.0.4 (listed as affected “from n/a through 1.0.4”). Exact root cause details are not pr...

6.5CVSS7.2AI score0.00362EPSS

CNNVD•added 2024/12/13 12:0 a.m.•2 views

WordPress plugin Advanced Blog Post Block 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS7.8AI score0.00362EPSS

OSV•added 2024/12/12 5:15 a.m.•3 views

CVE-2024-11384

The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'arenablog' shortcode in all versions up to, and including, 0.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

5.4CVSS5.9AI score

Malwarebytes•added 2024/12/11 10:28 p.m.•6 views

Test page title

Test page heading...

7.3AI score

Patchstack•added 2024/12/11 5:5 p.m.•2 views

WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Advanced Blog Post Block versions = 1.0.4...

6.5CVSS6.1AI score0.00362EPSS

Exploits0Affected Software1

Akamai Blog•added 2024/12/11 10:20 a.m.•3 views

Supporting Cloud Growth in Japan: Tokyo Expansion

...

5.3AI score

Circl•added 2024/12/10 5:33 p.m.•10 views

CVE-2024-49093

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 19:52:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113630272080441691 2025-09-16 23:16:38+00:00| seen|...

8.8CVSS8.9AI score0.00915EPSS

Circl•added 2024/12/10 5:33 p.m.•5 views

CVE-2024-49099

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 20:07:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113630331160959221...

4.3CVSS6.8AI score0.0097EPSS

Circl•added 2024/12/10 5:33 p.m.•5 views

CVE-2024-49063

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 18:07:25+00:00| seen| https://infosec.exchange/users/cve/statuses/113629858660025338 2025-01-15 01:10:23+00:00| seen|...

8.4CVSS7.5AI score0.01623EPSS

Exploits0References3

Circl•added 2024/12/10 5:33 p.m.•11 views

CVE-2024-49085

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 19:22:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113630153943686729...

8.8CVSS6.8AI score0.01543EPSS

Circl•added 2024/12/10 5:33 p.m.•12 views

CVE-2024-49103

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 20:22:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113630390194786458...

4.3CVSS6.8AI score0.0097EPSS

Circl•added 2024/12/10 5:33 p.m.•11 views

CVE-2024-49083

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 19:07:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113630094928067178 2025-01-08 19:16:35+00:00| seen|...

6.8CVSS4.7AI score0.0081EPSS

Exploits0References3

HackRead•added 2024/12/04 12:42 p.m.•9 views

Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability

The vulnerability was first identified in 2014...

7.3AI score

Cvelist•added 2024/12/04 2:40 a.m.•18 views

CVE-2024-10663 Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission

The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbyeformcallback function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

4.3CVSS0.00239EPSS