CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/03/14 7:56 p.m.•52 views

CVE-2025-2078

The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissio...

4.8CVSS5.7AI score0.00234EPSS

Exploits0References1

OSV•added 2025/03/12 4:15 a.m.•1 views

CVE-2025-2078

4.8CVSS7.3AI score0.00234EPSS

Exploits0References2

NVD•added 2025/03/12 4:15 a.m.•9 views

CVE-2025-2078

4.8CVSS0.00234EPSS

Exploits0References2

Vulnrichment•added 2025/03/12 3:21 a.m.•8 views

CVE-2025-2078 BlogBuzzTime-for-wp <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS4.3AI score0.00234EPSS

Exploits0References2

Cvelist•added 2025/03/12 3:21 a.m.•20 views

CVE-2025-2078 BlogBuzzTime-for-wp <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS0.00234EPSS

Exploits0References2

CNNVD•added 2025/03/12 12:0 a.m.•2 views

WordPress plugin BlogBuzzTime for WP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

4.8CVSS8.2AI score0.00234EPSS

Exploits0References2

Positive Technologies•added 2025/03/12 12:0 a.m.•4 views

PT-2025-10993 · WordPress · Blogbuzztime

Name of the Vulnerable Software and Affected Versions: BlogBuzzTime for WP plugin for WordPress versions up to, and including, 1.1 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows...

4.8CVSS7.9AI score0.00234EPSS

Exploits0References6