CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

31 matches found

CNVD•added 2025/12/26 12:0 a.m.•0 views

WordPress Category Icon Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Category Icon, which stems from improper input neutralization during page generation; no detailed vulnerability details...

5.4CVSS5.7AI score0.00027EPSS

Exploits0References1

Patchstack•added 2025/12/25 6:34 p.m.•3 views

WordPress Category Icon plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Category Icon versions = 1.0.2...

5.4CVSS5.8AI score0.00027EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/12/25 1:23 p.m.•2 views

CVE-2025-68525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Category Icon category-icon allows Stored XSS.This issue affects Category Icon: from n/a through = 1.0.2...

5.9CVSS6AI score0.00027EPSS

Exploits0References1

EUVD•added 2025/12/24 3:30 p.m.•1 views

EUVD-2025-205196

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Category Icon category-icon allows Stored XSS.This issue affects Category Icon: from n/a through = 1.0.2...

5.4CVSS5.5AI score0.00027EPSS

Exploits0References2

NVD•added 2025/12/24 1:16 p.m.•1 views

CVE-2025-68525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Category Icon category-icon allows Stored XSS.This issue affects Category Icon: from n/a through = 1.0.2...

5.9CVSS0.00027EPSS

Exploits0References1

Cvelist•added 2025/12/24 12:31 p.m.•22 views

CVE-2025-68525 WordPress Category Icon plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Category Icon category-icon allows Stored XSS.This issue affects Category Icon: from n/a through = 1.0.2...

5.9CVSS0.00027EPSS

Exploits0References1

Vulnrichment•added 2025/12/24 12:31 p.m.•1 views

CVE-2025-68525 WordPress Category Icon plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Category Icon category-icon allows Stored XSS.This issue affects Category Icon: from n/a through = 1.0.2...

5.9CVSS5.6AI score0.00027EPSS

Exploits0References1

CVE•added 2025/12/24 12:31 p.m.•9 views

CVE-2025-68525

CVE-2025-68525 targets the WordPress Category Icon plugin (versions up to and including 1.0.2). The root cause is improper input neutralization during web-page generation, leading to Stored Cross-Site Scripting (XSS). Affected product/component: WordPress Category Icon category-icon feature; impa...

5.9CVSS5.6AI score0.00027EPSS

Exploits0References1

CNNVD•added 2025/12/24 12:0 a.m.•2 views

WordPress plugin Category Icon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Category Icon, which stems from improper input neutralization during page generation; no detailed vulnerability details...

5.9CVSS5.7AI score0.00027EPSS

Exploits0References1

Positive Technologies•added 2025/12/24 12:0 a.m.•2 views

PT-2025-53091

Name of the Vulnerable Software and Affected Versions pixelgrade Category Icon versions through 1.0.2 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts can be...

5.4CVSS5.9AI score0.00027EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-17490

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00228EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-14736

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00242EPSS

Exploits0References1

RedhatCVE•added 2025/06/11 4:3 p.m.•4 views

CVE-2025-31039

Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon category-icon allows XML Entity Linking.This issue affects Category Icon: from n/a through = 1.0.3...

9.1CVSS5.9AI score0.00228EPSS

Exploits0References1

NVD•added 2025/06/09 4:15 p.m.•4 views

CVE-2025-31039

Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon category-icon allows XML Entity Linking.This issue affects Category Icon: from n/a through = 1.0.3...

9.1CVSS0.00228EPSS

Exploits0References1

Vulnrichment•added 2025/06/09 3:56 p.m.•2 views

CVE-2025-31039 WordPress Category Icon plugin <= 1.0.3 - XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon category-icon allows XML Entity Linking.This issue affects Category Icon: from n/a through = 1.0.3...

9.1CVSS5.8AI score0.00228EPSS

Exploits0References1

CVE•added 2025/06/09 3:56 p.m.•55 views

CVE-2025-31039

CVE-2025-31039 affects the WordPress plugin Category Icon (affected: 1.0.2 and earlier). The issue is an improper restriction of XML External Entity Reference (XXE) that enables XML Entity Linking. According to the provided metrics, the CVSS base score is 9.1 (CRITICAL) with network access, low a...

9.1CVSS5.9AI score0.00228EPSS

Exploits0References1

Cvelist•added 2025/06/09 3:56 p.m.•21 views

CVE-2025-31039 WordPress Category Icon plugin <= 1.0.3 - XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon category-icon allows XML Entity Linking.This issue affects Category Icon: from n/a through = 1.0.3...

9.1CVSS0.00228EPSS

Exploits0References1

CNNVD•added 2025/06/09 12:0 a.m.•2 views

WordPress plugin Category Icon 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

9.1CVSS8.6AI score0.00228EPSS

Exploits0References1

Positive Technologies•added 2025/06/09 12:0 a.m.•3 views

PT-2025-24474 · Unknown · Category Icon

Name of the Vulnerable Software and Affected Versions: Category Icon versions 1.0.2 and earlier Description: The issue is related to an Improper Restriction of XML External Entity Reference vulnerability in Category Icon, which allows XML Entity Linking. Recommendations: For Category Icon version...

9.1CVSS8.9AI score0.00228EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 10:43 a.m.•3 views

CVE-2024-8915

The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...

6.4CVSS5.8AI score0.00254EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by