23 matches found
CVE-2026-25391
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Wand: from n/a through <= 1.3.07...
CVE-2026-25391
CVE-2026-25391 : The WP Wand plugin’s AI content-generation feature (WP Wand ai-content-generation) is affected by a Missing Authorization vulnerability in versions up to and including 1.3.07. The issue allows exploitation through incorrectly configured access control security levels (Broken Acce...
CVE-2026-25391 WordPress WP Wand plugin <= 1.3.07 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Wand: from n/a through <= 1.3.07...
PT-2026-20724
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Wand: from n/a through <= 1.3.07...
EUVD-2025-6118
Malicious code in bioql PyPI...
EUVD-2025-5986
Malicious code in bioql PyPI...
Phare: a Safety Probe for Large Language Models
Ensuring the safety of large language models (LLMs) is critical for responsible deployment, yet existing evaluations often prioritize performance over identifying failure modes. We introduce Phare, a multilingual diagnostic framework to probe and evaluate LLM behavior across three critical...
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an "influence-as-a-service" operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used i...
CVE-2025-22623
CVE-2025-22623 affects the WordPress plugin Ad Inserter – Ad Manager and AdSense Ads (version 2.8.0 and earlier). The vulnerability arises from the web application generating content without validating the origin of untrusted data in myapp/includes/dst/dst.php, enabling a reflected cross-site scr...
CVE-2025-22624
FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...
CVE-2025-22622
Age Verification for your checkout page. Verify your customer's identity 1.20.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/class-wc-integration-agechecker-integration.php...
CVE-2024-13458 WordPress SEO Friendly Accordion FAQ with AI assisted content generation <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WordPress SEO Friendly Accordion FAQ with AI assisted content generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'noticefaq' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user...
Is nowhere safe from AI slop? (Lock and Code S05E27)
This week on the Lock and Code podcast … You can see it on X. You can see it on Instagram. It's flooding community pages on Facebook and filling up channels on YouTube. It's called "AI slop" and it's the fastest, laziest way to drive engagement. Like "click bait" before it "You won't believe what...
AI-generated malvertising “white pages” are fooling detection engines
This is no secret: online criminals are leveraging artificial intelligence (AI) and large language models (LLMs) in their malicious schemes. While AI tends to be abused to trick people (i.e. deepfakes) in order to gain something, sometimes, it is meant to defeat computer security programs. With AI, thi...
PT-2024-17397 · WordPress · Wp System
Name of the Vulnerable Software and Affected Versions: WP System plugin for WordPress versions up to, and including, 1.1.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the generate wp system page content function. This allows...
Fedora: Security Advisory for maven-doxia (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora: Security Advisory for maven-doxia-sitetools (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...