CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

49 matches found

Patchstack•added 4 days ago•5 views

WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ilay Striechman in WordPress Plugin CformsII versions = 15.1.3...

5.8AI score

Exploits0Affected Software1

NVD•added 2026/05/25 11:16 p.m.•6 views

CVE-2026-39436

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS0.00017EPSS

Exploits0References1

ATTACKERKB•added 2026/05/25 10:15 p.m.•4 views

CVE-2026-39436

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS5.8AI score0.00017EPSS

Exploits0References2

Vulnrichment•added 2026/05/25 10:15 p.m.•6 views

CVE-2026-39436 WordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS5.8AI score0.00017EPSS

Exploits0References1

EUVD•added 2026/05/25 10:15 p.m.•4 views

EUVD-2026-31766

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS5.8AI score0.00017EPSS

Exploits0References1

CVE•added 2026/05/25 10:15 p.m.•11 views

CVE-2026-39436

The CVE-2026-39436 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin CformsII (bgermann) version

7.1CVSS5.8AI score0.00017EPSS

Exploits0References1

CNNVD•added 2026/05/25 12:0 a.m.•3 views

WordPress plugin CformsII 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS5.7AI score0.00017EPSS

Exploits0References1

Positive Technologies•added 2026/05/25 12:0 a.m.•4 views

PT-2026-43144

Name of the Vulnerable Software and Affected Versions CformsII versions prior to 15.1.4 Description Cross-Site Request Forgery CSRF in bgermann CformsII allows an attacker to perform unauthorized actions on behalf of a user. CSRF is a flaw where a malicious website tricks a user's browser into...

7.1CVSS5.8AI score0.00017EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-19745

Malicious code in bioql PyPI...

7.1CVSS9.1AI score0.00354EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-56876

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00116EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-29404

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00094EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:25 a.m.•2 views

CVE-2023-52203

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5...

5.9CVSS6.5AI score0.00116EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 11:42 p.m.•5 views

CVE-2024-22149

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliver Seidel, Bastian Germann CformsII allows Stored XSS.This issue affects CformsII: from n/a through 15.0.5...

7.1CVSS8.6AI score0.00354EPSS

Exploits0References1

NVD•added 2024/03/27 6:15 a.m.•10 views

CVE-2024-22149

7.1CVSS6.9AI score0.00354EPSS

Exploits0References1

CVE•added 2024/03/27 5:51 a.m.•76 views

CVE-2024-22149

CVE-2024-22149 affects WordPress plugin CformsII (Cforms2)

7.1CVSS8.6AI score0.00354EPSS

Exploits0References1

Vulnrichment•added 2024/03/27 5:51 a.m.•22 views

CVE-2024-22149 WordPress cformsII plugin <= 15.0.5 - Cross Site Scripting (XSS) vulnerability

7.1CVSS6.7AI score0.00354EPSS

Exploits0References1

Cvelist•added 2024/03/27 5:51 a.m.•27 views

CVE-2024-22149 WordPress cformsII plugin <= 15.0.5 - Cross Site Scripting (XSS) vulnerability

7.1CVSS7AI score0.00354EPSS

Exploits0References1

CNNVD•added 2024/03/27 12:0 a.m.•1 views

WordPress Plugin cformsII 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS7.6AI score0.00354EPSS

Exploits0References2

WPVulnDB•added 2024/01/18 12:0 a.m.•17 views

CformsII < 15.0.7 - Unauthenticated Stored XSS

Description The plugin is vulnerable to stored Cross-Site Scripting via an unknown parameter due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an...

7.1CVSS7AI score0.00354EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/01/15 12:0 a.m.•16 views

WordPress CformsII Plugin <= 15.0.6 is vulnerable to Cross Site Scripting (XSS)

Software CformsII Type Plugin Vulnerable versions = 15.0.6 Fixed in 15.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22149 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2aac355b9ab7 Credits emad Required privilege Unauthenticat...

7.1CVSS6.5AI score0.00354EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by