CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNVD•added 2025/11/18 12:0 a.m.•1 views

WordPress Content Flipper plugin cross-site scripting vulnerability

WordPress Content Flipper plugin is an open source WordPress plugin , mainly used for content display and interactive features . A cross-site scripting vulnerability exists in the WordPress Content Flipper plugin, which stems from insufficient input cleanup and output escaping of the parameter...

6.4CVSS6AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2025/11/14 9:9 a.m.•3 views

CVE-2025-11769

The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bgcolor' shortcode attribute of the 'flipperfront' shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping. This makes it possib...

6.4CVSS5AI score0.00031EPSS

Exploits0References1

NVD•added 2025/11/13 9:15 a.m.•5 views

CVE-2025-11769

6.4CVSS0.00031EPSS

Exploits0References3

Cvelist•added 2025/11/13 8:27 a.m.•7 views

CVE-2025-11769 WordPress Content Flipper <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00031EPSS

Exploits0References3

Vulnrichment•added 2025/11/13 8:27 a.m.•2 views

CVE-2025-11769 WordPress Content Flipper <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS4.7AI score0.00031EPSS

Exploits0References3

EUVD•added 2025/11/13 8:27 a.m.•1 views

EUVD-2025-158257

6.4CVSS4.6AI score0.00031EPSS

Exploits0References4

CVE•added 2025/11/13 8:27 a.m.•17 views

CVE-2025-11769

The CVE-2025-11769 entry concerns the WordPress Content Flipper plugin (WordPress) with a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping of the bgcolor attribute in the flipper_front shortcode. It affects versions up to and including 0.1. Expl...

6.4CVSS4.7AI score0.00031EPSS

Exploits0References3

Patchstack•added 2025/11/13 12:3 a.m.•4 views

WordPress WordPress Content Flipper plugin <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WordPress Content Flipper versions = 0.1...

6.4CVSS5.5AI score0.00031EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/11/13 12:0 a.m.•2 views

WordPress plugin WordPress Content Flipper 跨站脚本漏洞

6.4CVSS5.7AI score0.00031EPSS

Exploits0References3

Positive Technologies•added 2025/11/13 12:0 a.m.•3 views

PT-2025-46792

Name of the Vulnerable Software and Affected Versions WordPress Content Flipper plugin versions up to and including 0.1 Description The WordPress Content Flipper plugin is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping in the 'bgcolor'...

6.4CVSS5.9AI score0.00031EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by