CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-40629

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00105EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-40628

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00171EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:3 a.m.•4 views

CVE-2023-36685

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12...

8.8CVSS8.5AI score0.00171EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:3 a.m.•6 views

CVE-2023-36686

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

7.1CVSS5.9AI score0.00105EPSS

Exploits0

OSV•added 2023/11/30 2:15 p.m.•0 views

CVE-2023-36685

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12...

8.8CVSS7.3AI score

Exploits0References1

NVD•added 2023/11/30 2:15 p.m.•14 views

CVE-2023-36685

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12...

8.8CVSS0.00171EPSS

Exploits0References1

Prion•added 2023/11/30 2:15 p.m.•20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12...

6.8CVSS7.2AI score0.00171EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/30 1:41 p.m.•20 views

CVE-2023-36685 WordPress CartFlows Pro Plugin <= 1.11.12 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12...

4.3CVSS8.9AI score0.00171EPSS

Exploits0References1

CVE•added 2023/11/30 1:41 p.m.•48 views

CVE-2023-36685

CVE-2023-36685 – CartFlows Pro CSRF (WordPress) A CSRF vulnerability exists in Brainstorm Force US LLC CartFlows Pro插件, affecting CartFlows Pro versions up to 1.11.12. The CVE indicates unauthenticated CSRF could impact users, with high impact on confidentiality, integrity, and availability per N...

8.8CVSS8.5AI score0.00171EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2023/08/07 12:0 a.m.•13 views

CartFlows Pro < 1.11.12 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00105EPSS

Exploits0Affected Software1

OSV•added 2023/08/05 11:15 p.m.•1 views

CVE-2023-36686

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

6.1CVSS7.3AI score0.00105EPSS

Exploits0References1

NVD•added 2023/08/05 11:15 p.m.•16 views

CVE-2023-36686

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

7.1CVSS6.2AI score0.00105EPSS

Exploits0References1

Prion•added 2023/08/05 11:15 p.m.•10 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

5.8CVSS6AI score0.00105EPSS

Exploits0References1Affected Software1

CVE•added 2023/08/05 10:28 p.m.•46 views

CVE-2023-36686

CartFlows Pro (WordPress) vulnerability CVE-2023-36686 is an unauthenticated, reflected XSS affecting versions = 1.11.12 to remediate the flaw. No exploitation details are provided in the sources; in-the-wild exploit status is not confirmed within the supplied documents.

7.1CVSS6.1AI score0.00105EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/08/05 10:28 p.m.•13 views

CVE-2023-36686 WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

7.1CVSS5.8AI score0.00105EPSS

Exploits0References1

Cvelist•added 2023/08/05 10:28 p.m.•13 views

CVE-2023-36686 WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...

7.1CVSS6.3AI score0.00105EPSS

Exploits0References1

Positive Technologies•added 2023/08/05 12:0 a.m.•2 views

PT-2023-25679 · WordPress · Cartflows Pro

Name of the Vulnerable Software and Affected Versions: CartFlows Pro plugin versions = 1.11.11 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially...

7.1CVSS6.1AI score0.00105EPSS

Exploits0References4

CNNVD•added 2023/08/05 12:0 a.m.•3 views

WordPress plugin CartFlows Pro Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00105EPSS

Exploits0References2

Patchstack•added 2023/07/27 12:0 a.m.•10 views

WordPress CartFlows Pro Plugin <= 1.11.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software CartFlows Pro Type Plugin Vulnerable versions = 1.11.12 Fixed in 1.11.13 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-36685 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 55367cef894b Credits Rafie Muhammad...

8.8CVSS7AI score0.00171EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/07/16 12:0 a.m.•8 views

WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS)

Software CartFlows Pro Type Plugin Vulnerable versions = 1.11.11 Fixed in 1.11.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36686 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fde18e13d181 Credits Rafie Muhammad...

7.1CVSS5.6AI score0.00105EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by