CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3642 matches found

CNNVD•added 2025/01/22 12:0 a.m.•2 views

WordPress plugin Image Gallery Box by CRUDLab 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.5CVSS7.9AI score0.00799EPSS

Exploits0References2

NVD•added 2025/01/21 2:15 p.m.•7 views

CVE-2025-22318

Missing Authorization vulnerability in enituretechnology Standard Box Sizes – for WooCommerce standard-box-sizes.This issue affects Standard Box Sizes – for WooCommerce: from n/a through = 1.6.13...

7.5CVSS0.00296EPSS

Exploits0References1

NVD•added 2025/01/21 2:15 p.m.•10 views

CVE-2025-22706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.mihai Social Pug: Author Box allows Reflected XSS. This issue affects Social Pug: Author Box: from n/a through 1.0.0...

7.1CVSS0.00246EPSS

Exploits0References1

CVE•added 2025/01/21 1:57 p.m.•50 views

CVE-2025-22706

CVE-2025-22706 describes a reflected Cross-Site Scripting vulnerability in the Social Pug: Author Box component of Social Pug. The root cause is improper neutralization of input during web page generation, enabling reflected XSS. Affected product: Social Pug: Author Box (Social Pug) with versions...

7.1CVSS8.6AI score0.00246EPSS

Exploits0References1

Cvelist•added 2025/01/21 1:57 p.m.•14 views

CVE-2025-22706 WordPress Social Pug: Author Box plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00246EPSS

Exploits0References1

Vulnrichment•added 2025/01/21 1:57 p.m.•4 views

CVE-2025-22706 WordPress Social Pug: Author Box plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7AI score0.00246EPSS

Exploits0References1

CNNVD•added 2025/01/21 12:0 a.m.•2 views

WordPress plugin Social Pug: Author Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Social Pug: A cross-site...

7.1CVSS7.7AI score0.00246EPSS

Exploits0References2

CNNVD•added 2025/01/21 12:0 a.m.•4 views

WordPress plugin Standard Box Sizes – for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.5CVSS8.2AI score0.00296EPSS

Exploits0References2

OpenVAS•added 2025/01/20 12:0 a.m.•22 views

AVM FRITZ!Box Information Disclosure Vulnerability (Nov 2024) - Active Check

AVM FRITZ!Box devices are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS5.4AI score0.01772EPSS

Exploits0References1

Patchstack•added 2025/01/16 6:43 p.m.•2 views

WordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Image Gallery Box by CRUDLab versions = 1.0.3...

7.5CVSS7AI score0.00799EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•2 views

WordPress CRUDLab Like Box Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin CRUDLab Like Box versions = 2.0.9...

7.1CVSS6.1AI score0.00363EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:41 p.m.•2 views

WordPress all-in-one-box-login plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin all-in-one-box-login versions = 2.0.1...

7.1CVSS6.1AI score0.00342EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/15 5:7 p.m.•2 views

WordPress Social Pug: Author Box plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Social Pug: Author Box versions = 1.0.0...

7.1CVSS6.1AI score0.00246EPSS

Exploits0Affected Software1

Microsoft KB•added 2025/01/14 8:0 a.m.•27 views

Description of the security update for SharePoint Server Subscription Edition: January 14, 2025 (KB5002676)

Description of the security update for SharePoint Server Subscription Edition: January 14, 2025 KB5002676 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the...

7.8CVSS8AI score0.01742EPSS

Exploits0

OSV•added 2025/01/14 1:15 a.m.•1 views

DEBIAN-CVE-2024-57643

An issue in the boxdeserializestring component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.0088EPSS

Exploits1References1

CNNVD•added 2025/01/13 12:0 a.m.•2 views

OpenLink Virtuoso-opensource 安全漏洞

OpenLink Virtuoso-opensource is OpenLink Software's is a powerful multi-model database and middleware platform for a variety of application scenarios that require high-performance data processing and complex data model support. A security vulnerability exists in OpenLink Virtuoso-opensource versi...

7.5CVSS7.5AI score0.0088EPSS

Exploits1References2

NVD•added 2025/01/07 10:15 a.m.•5 views

CVE-2024-12699

The Service Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary...

6.4CVSS0.00325EPSS

Exploits0References3

Cvelist•added 2025/01/07 9:22 a.m.•12 views

CVE-2024-12699 Service Box <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00325EPSS

Exploits0References3

Vulnrichment•added 2025/01/07 9:22 a.m.•4 views

CVE-2024-12699 Service Box <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.8AI score0.00325EPSS

Exploits0References3

Positive Technologies•added 2025/01/07 12:0 a.m.•3 views

PT-2025-1928 · WordPress · Service Box

Name of the Vulnerable Software and Affected Versions: Service Box plugin for WordPress versions up to, and including, 1.9 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with...

6.4CVSS6.2AI score0.00325EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by