CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2026/01/09 9:5 a.m.•2 views

CVE-2024-34564

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt Inc. Counter Up allows Stored XSS.This issue affects Counter Up: from n/a through 2.2.1...

6.5CVSS5.2AI score0.00313EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-34867

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00313EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-33084

Malicious code in bioql PyPI...

6.4CVSS8.8AI score0.00201EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 8:21 a.m.•1 views

CVE-2024-10895

The Counter Up – Animated Number Counter & Milestone Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lgx-counter' shortcode in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5AI score0.00201EPSS

Exploits0References1

Vulnrichment•added 2024/11/27 6:41 a.m.•9 views

CVE-2024-10895 Counter Up – Animated Number Counter & Milestone Showcase <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.9AI score0.00201EPSS

Exploits0References2

Cvelist•added 2024/11/27 6:41 a.m.•13 views

CVE-2024-10895 Counter Up – Animated Number Counter & Milestone Showcase <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00201EPSS

Exploits0References2

CNNVD•added 2024/11/27 12:0 a.m.•1 views

WordPress plugin Counter Up 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.4CVSS7.6AI score0.00201EPSS

Exploits0References3

Patchstack•added 2024/11/26 10:23 p.m.•1 views

WordPress Counter Up plugin <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Counter Up versions = 2.4.0...

6.4CVSS5.7AI score0.00201EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/11/26 12:0 a.m.•8 views

WordPress Counter Up Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Counter Up Type Plugin Vulnerable versions = 2.4.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10895 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1138a112af91 Credits Peter Thaleikis Required...

6.4CVSS5.8AI score0.00201EPSS

Exploits0References2Affected Software1

NVD•added 2024/05/08 11:15 a.m.•8 views

CVE-2024-34564

6.5CVSS6.7AI score0.00313EPSS

Exploits0References1

CVE•added 2024/05/08 11:3 a.m.•57 views

CVE-2024-34564

CVE-2024-34564 is a Stored XSS in Counter Up (LogicHunt Inc.) via improper input neutralization during web page generation. Affected: Counter Up versions n/a–2.2.1. Root cause is improper neutralization of input; impact is Stored XSS. Connected Red Hat advisory confirms the description. Remediati...

6.5CVSS5.2AI score0.00313EPSS

Exploits0References1

Cvelist•added 2024/05/08 11:3 a.m.•18 views

CVE-2024-34564 WordPress Counter Up plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS7.3AI score0.00313EPSS

Exploits0References1

CNNVD•added 2024/05/08 12:0 a.m.•3 views

WordPress plugin Counter Up 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS5.9AI score0.00313EPSS

Exploits0References2

Positive Technologies•added 2024/05/08 12:0 a.m.•3 views

PT-2024-25979 · Unknown · Counter Up

Name of the Vulnerable Software and Affected Versions: Counter Up versions through 2.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can inject maliciou...

6.5CVSS5.9AI score0.00313EPSS

Exploits0References6

Patchstack•added 2024/05/07 10:39 a.m.•3 views

WordPress Counter Up plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Counter Up versions = 2.2.1...

6.5CVSS6.1AI score0.00313EPSS

Exploits0Affected Software1

Patchstack•added 2024/05/07 12:0 a.m.•7 views

WordPress Counter Up Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Counter Up Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34564 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0c39c66bb9f2 Credits LVT-tholv2k Required privilege Contributor...

6.5CVSS6.6AI score0.00313EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by