CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-50057

Malicious code in bioql PyPI...

6.1CVSS8.6AI score0.01989EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 6:40 a.m.•3 views

CVE-2024-9615

The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 0.3.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

6.1CVSS6.4AI score0.01989EPSS

Exploits0References1

NVD•added 2024/11/16 4:15 a.m.•18 views

CVE-2024-9615

6.1CVSS0.01989EPSS

Exploits0References2

Vulnrichment•added 2024/11/16 3:20 a.m.•15 views

CVE-2024-9615 BulkPress <= 0.3.5 - Reflected Cross-Site Scripting

6.1CVSS6.4AI score0.01989EPSS

Exploits0References2

CVE•added 2024/11/16 3:20 a.m.•50 views

CVE-2024-9615

CVE-2024-9615 (BulkPress) affects the WordPress plugin BulkPress up to version 0.3.5. Root cause: use of add_query_arg without proper escaping in URLs, enabling Reflected Cross-Site Scripting. Impact: unauthenticated attackers can inject scripts into pages executed when a user clicks a manipulate...

6.1CVSS6AI score0.01989EPSS

Exploits0References2

Cvelist•added 2024/11/16 3:20 a.m.•13 views

CVE-2024-9615 BulkPress <= 0.3.5 - Reflected Cross-Site Scripting

6.1CVSS0.01989EPSS

Exploits0References2

CNNVD•added 2024/11/16 12:0 a.m.•0 views

WordPress plugin BulkPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

6.1CVSS7.6AI score0.01989EPSS

Exploits0References2

Patchstack•added 2024/11/15 9:26 p.m.•3 views

WordPress BulkPress plugin <= 0.3.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin BulkPress versions = 0.3.5...

6.1CVSS6.3AI score0.01989EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/11/15 12:0 a.m.•2 views

PT-2024-39720 · WordPress · Bulkpress

Name of the Vulnerable Software and Affected Versions: BulkPress plugin for WordPress versions up to, and including, 0.3.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web scripts into pages...

6.1CVSS8.7AI score0.01989EPSS

Exploits0References6

Patchstack•added 2024/11/15 12:0 a.m.•12 views

WordPress BulkPress Plugin <= 0.3.5 is vulnerable to Cross Site Scripting (XSS)

Software BulkPress Type Plugin Vulnerable versions = 0.3.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9615 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 569ddc3d9617 Credits vgo0 Required privilege...

6.1CVSS5.9AI score0.01989EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by