CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

Patchstack•added 2026/03/24 9:37 a.m.•4 views

WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross-Site Scripting via 'page' vulnerability

Reflected Cross-Site Scripting via 'page' vulnerability discovered by Colin Xu in WordPress Plugin Shortcodes Blocks Creator Ultimate versions = 2.2.0...

6.1CVSS5.8AI score0.01989EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/03/24 9:21 a.m.•4 views

WordPress SEO Help plugin <= 6.1.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin SEO Help versions = 6.1.3...

6.1CVSS5.8AI score0.02796EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress WP - Bulk SMS - by SMS.to plugin <= 1.0.12 - Reflected Cross-Site Scripting vulnerability

WordPress WP - Bulk SMS - by SMS.to plugin = 1.0.12 - Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin WP – Bulk SMS versions = 1.0.12...

6.1CVSS5.4AI score0.01268EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/04/01 11:1 p.m.•4 views

WordPress Front End Users plugin <= 3.2.32 - Authenticated (Admin+) SQL injection vulnerability

Authenticated Admin+ SQL injection vulnerability discovered by Colin Xu in WordPress Plugin Front End Users versions = 3.2.32...

4.9CVSS9AI score0.00356EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/28 10:51 p.m.•3 views

WordPress Currency Switcher for WooCommerce plugin <= 2.16.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Currency Switcher for WooCommerce versions = 2.16.2...

6.1CVSS6.3AI score0.00534EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/21 9:54 p.m.•2 views

WordPress LTL Freight Quotes – Purolator Edition plugin <= 2.2.3 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – Purolator Edition versions = 2.2.3...

7.5CVSS8.1AI score0.0012EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/19 12:2 a.m.•2 views

WordPress LTL Freight Quotes – SEFL Edition plugin <= 3.2.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – SEFL Edition versions = 3.2.4...

7.5CVSS8.1AI score0.05215EPSS

Exploits1References1Affected Software1

Patchstack•added 2025/02/19 12:0 a.m.•3 views

WordPress Small Package Quotes – USPS Edition plugin <= 1.3.5 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – USPS Edition versions = 1.3.5...

7.5CVSS8.1AI score0.00149EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/18 11:18 p.m.•2 views

WordPress Pollin plugin <= 1.01.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Pollin versions = 1.01.1...

6.1CVSS6.3AI score0.00401EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/14 10:44 p.m.•5 views

WordPress LTL Freight Quotes – Estes Edition plugin <= 3.3.7 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – Estes Edition versions = 3.3.7...

7.5CVSS8.1AI score0.15083EPSS

Exploits3References1Affected Software1

Patchstack•added 2025/02/11 10:53 p.m.•3 views

WordPress Small Package Quotes – Purolator Edition plugin <= 3.6.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – Purolator Edition versions = 3.6.4...

7.5CVSS8.1AI score0.0022EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/11 10:48 p.m.•1 views

WordPress ShipEngine Shipping Quotes plugin <= 1.0.7 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin ShipEngine Shipping Quotes versions = 1.0.7...

7.5CVSS8.1AI score0.0022EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/11 10:5 p.m.•3 views

WordPress StaffList plugin <= 3.2.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin StaffList versions = 3.2.3...

6.1CVSS6.4AI score0.00238EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/02/03 8:33 p.m.•2 views

WordPress VR-Frases plugin <= 4.0.1 - Reflected XSS to SQL Injection vulnerability

Reflected XSS to SQL Injection vulnerability discovered by Colin Xu Patchstack Alliance in WordPress Plugin VR-Frases versions = 4.0.1...

8.2CVSS7.5AI score0.00162EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/30 5:28 p.m.•2 views

WordPress Single-user-chat plugin <= 0.5 - Authenticated (Subscriber+) Limited Options Update vulnerability

Authenticated Subscriber+ Limited Options Update vulnerability discovered by Colin Xu in WordPress Plugin Single-user-chat versions = 0.5...

8.1CVSS7AI score0.00083EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/30 7:9 a.m.•1 views

WordPress WP Image Uploader plugin <= 1.0.1 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by Colin Xu in WordPress Plugin WP Image Uploader versions = 1.0.1...

8.8CVSS7AI score0.00179EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/23 7:7 a.m.•1 views

WordPress SEO Blogger to WordPress Migration using 301 Redirection plugin <= 0.4.8 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin SEO Blogger to WordPress Migration using 301 Redirection versions = 0.4.8...

6.1CVSS6.3AI score0.01474EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/21 10:50 p.m.•2 views

WordPress Themify Builder plugin <= 7.6.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Themify Builder versions = 7.6.6...

6.1CVSS6.3AI score0.01916EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/21 1:10 a.m.•2 views

WordPress Link Library plugin <= 7.7.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Link Library versions = 7.7.2...

6.1CVSS6.3AI score0.01474EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/18 3:52 p.m.•2 views

WordPress Small Package Quotes Plugin <= 2.4.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – Unishippers Edition versions = 2.4.8...

9.3CVSS8.1AI score0.00081EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by