CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CVE•added 2025/10/27 1:33 a.m.•8 views

CVE-2025-62925

CVE-2025-62925 describes a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin Conversios.io for Enhanced E-commerce for WooCommerce. Affected: Conversios.io

5.4CVSS5.9AI score0.00052EPSS

Exploits0References1

CNNVD•added 2025/10/27 12:0 a.m.•0 views

WordPress plugin Conversios.io 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.4CVSS6.5AI score0.00052EPSS

Exploits0References1

Patchstack•added 2025/10/05 7:21 a.m.•3 views

WordPress Conversios.io plugin <= 7.2.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Conversios.io versions = 7.2.13...

8.1CVSS7AI score0.00052EPSS

Exploits0Affected Software1

CNNVD•added 2024/12/09 12:0 a.m.•2 views

WordPress plugin Conversios.io 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

5.3CVSS8.7AI score0.00205EPSS

Exploits0References1

Patchstack•added 2024/06/28 12:0 a.m.•5 views

WordPress Conversios.io Plugin <= 7.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Conversios.io Type Plugin Vulnerable versions = 7.1.0 Fixed in 7.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6288 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ca27caeedd00 Credits Ulyses Saicha Requir...

4.7CVSS5.7AI score0.02577EPSS

Exploits0References3Affected Software1

WPVulnDB•added 2024/03/29 12:0 a.m.•18 views

Conversios.io < 7.0.0 - Reflected Cross-Site Scripting

Description The Conversios.io plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 6.9.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

7.1CVSS6.5AI score0.00218EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/03/14 12:0 a.m.•8 views

WordPress Conversios.io Plugin <= 7.0.7 is vulnerable to SQL Injection

Software Conversios.io Type Plugin Vulnerable versions = 7.0.7 Fixed in 7.0.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1203 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 047c3aed63ee Credits Krzysztof Zając Required privilege Subscriber...

8.8CVSS6.8AI score0.00691EPSS

Exploits0References3Affected Software1

Patchstack•added 2023/02/06 12:0 a.m.•8 views

WordPress Conversios.io Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Conversios.io Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46797 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 109ab5ff4376 Credits Muhammad Daffa Requir...

5.4CVSS6.6AI score0.00097EPSS

Exploits0References2Affected Software1

CNVD•added 2022/03/09 12:0 a.m.•23 views

WordPress Conversios.io plugin SQL injection vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin for WordPress. SQL injection vulnerability exists in versions of WordPress...

8.8CVSS2.8AI score0.00703EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by