CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Vulnrichment•added 2026/05/10 12:12 p.m.•2 views

CVE-2022-50955 WordPress Plugin Curtain 1.0.2 Cross-site Request Forgery

WordPress Plugin Curtain 1.0.2 contains a cross-site request forgery vulnerability that allows attackers to activate or deactivate site maintenance mode by crafting malicious requests. Attackers can trick authenticated administrators into submitting forged requests to the options-general.php page...

5.3CVSS5.7AI score0.00015EPSS

Exploits0References3

Cvelist•added 2026/05/10 12:12 p.m.•23 views

CVE-2022-50955 WordPress Plugin Curtain 1.0.2 Cross-site Request Forgery

5.3CVSS0.00015EPSS

Exploits0References3

CVE•added 2026/05/10 12:12 p.m.•4 views

CVE-2022-50955

CVE-2022-50955 affects the WordPress plugin Curtain 1.0.2. The issue is a cross-site request forgery (CSRF) that lets attackers toggle maintenance mode by crafting requests to options-general.php with curtain parameters, bypassing valid nonce validation. Impact is the ability to activate/deactiva...

5.3CVSS5.7AI score0.00015EPSS

Exploits0References3

ATTACKERKB•added 2026/05/10 12:12 p.m.•3 views

CVE-2022-50955

5.3CVSS5.7AI score0.00015EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/05/10 12:0 a.m.•4 views

PT-2026-39480

5.3CVSS5.7AI score0.00015EPSS

Exploits0References4

CNNVD•added 2026/05/10 12:0 a.m.•3 views

WordPress plugin Curtain 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.7AI score0.00015EPSS

Exploits0References1

CNVD•added 2022/05/25 12:0 a.m.•9 views

WordPress Curtain plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Curtain plugin is vulnerable to a cross-site scripting vulnerability that stems from not cleaning a...

4.8CVSS1.1AI score0.02402EPSS

Exploits1References1

OSV•added 2022/05/23 8:16 a.m.•1 views

CVE-2022-1558

The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score

Exploits0References2

CNNVD•added 2022/05/23 12:0 a.m.•3 views

WordPress plugin Curtain 跨站脚本漏洞

4.8CVSS5.3AI score0.02402EPSS

Exploits1References3

0day.today•added 2022/04/27 12:0 a.m.•176 views

WordPress Curtain 1.0.2 Cross Site Scripting Vulnerability

Exploit Title: Multiple Stored Cross-Site Scripting vulnerabilities in WordPress curtain plugin 1.0.2 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Contact me: h at spidersilk.com Description Several...

7.4AI score

Exploits0

Patchstack•added 2022/04/27 12:0 a.m.•8 views

WordPress Curtain plugin <= 1.0.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability was discovered by Hassan Khan Yusufzai Splint3r7 in the WordPress Curtain plugin versions = 1.0.2. Solution Deactivate and delete. This plugin has been closed as of April 27, 2022 and is not available for download. This closure is temporary, pending a...

1.5AI score

Exploits0References2Affected Software1

0day.today•added 2022/03/30 12:0 a.m.•233 views

WordPress Curtain 1.0.2 Plugin - Cross-site Request Forgery Vulnerability

Exploit Title: WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery CSRF Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Summary: Cross site forgery vulnerability has been identified in curtain...

1.1AI score

Exploits0

Patchstack•added 2022/03/30 12:0 a.m.•12 views

WordPress Curtain plugin <= 1.0.1 - Unauthenticated Maintenance Mode Switch vulnerability

Unauthenticated Maintenance Mode Switch vulnerability discovered by Hassan Khan Yusufzai Splint3r7 in WordPress Curtain plugin versions = 1.0.1. Solution Update the WordPress Curtain plugin to the latest available version at least 1.0.2...

2.1AI score

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by