CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CVE•added 2025/11/19 7:46 a.m.•28 views

CVE-2025-13035

The WordPress Code Snippets plugin vulnerability CVE-2025-13035 affects all versions up to 3.9.1. It stems from the evaluate_shortcode_from_flat_file method using extract() on attacker-controlled shortcode attributes, allowing an overwriting of the $filepath variable which is later passed to requ...

8CVSS6.8AI score0.00045EPSS

Exploits0References4

Positive Technologies•added 2025/11/19 12:0 a.m.•4 views

PT-2025-47445

Name of the Vulnerable Software and Affected Versions Code Snippets versions prior to 3.9.1 Description The Code Snippets plugin for WordPress is susceptible to PHP Code Injection in versions up to and including 3.9.1. This occurs because the plugin utilizes extract on shortcode attributes...

8CVSS7.2AI score0.00045EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-4236

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00065EPSS

Exploits0References2

RedhatCVE•added 2025/02/18 10:25 p.m.•5 views

CVE-2025-26759

Cross-Site Request Forgery CSRF vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through = 1.1.5...

7.1CVSS7.2AI score0.00065EPSS

Exploits0References1

NVD•added 2025/02/16 11:15 p.m.•10 views

CVE-2025-26759

Cross-Site Request Forgery CSRF vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through = 1.1.5...

7.1CVSS0.00065EPSS

Exploits0References1

CVE•added 2025/02/16 10:17 p.m.•50 views

CVE-2025-26759

CVE-2025-26759 – WordPress Content Snippet Manager (plugin)

7.1CVSS7.2AI score0.00065EPSS

Exploits0References1

Vulnrichment•added 2025/02/16 10:17 p.m.•4 views

CVE-2025-26759 WordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through = 1.1.5...

7.1CVSS8.6AI score0.00065EPSS

Exploits0References1

Cvelist•added 2025/02/16 10:17 p.m.•11 views

CVE-2025-26759 WordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through = 1.1.5...

7.1CVSS0.00065EPSS

Exploits0References1

CNNVD•added 2025/02/16 12:0 a.m.•1 views

WordPress plugin Content Snippet Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS8.2AI score0.00065EPSS

Exploits0References2