CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-30508

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00032EPSS

Exploits0References2

NVD•added 2025/09/22 7:16 p.m.•6 views

CVE-2025-59553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through = 1.0.13...

6.5CVSS0.00032EPSS

Exploits0References1

Patchstack•added 2025/09/22 6:31 p.m.•5 views

WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Michael in WordPress Plugin Custom iFrame for Elementor versions = 1.0.13...

6.5CVSS6AI score0.00032EPSS

Exploits0Affected Software1

Cvelist•added 2025/09/22 6:26 p.m.•9 views

CVE-2025-59553 WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00032EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:26 p.m.•5 views

CVE-2025-59553 WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS5.2AI score0.00032EPSS

Exploits0References1

CVE•added 2025/09/22 6:26 p.m.•11 views

CVE-2025-59553

CVE-2025-59553 affects the Custom iFrame for Elementor plugin. The issue is described as an improper neutralization of input during web page generation that leads to a cross-site scripting (XSS) vulnerability. The affected range is Custom iFrame for Elementor from initial release to version 1.0.1...

6.5CVSS5.9AI score0.00032EPSS

Exploits0References1

Positive Technologies•added 2025/09/22 12:0 a.m.•1 views

PT-2025-39033

Name of the Vulnerable Software and Affected Versions Mesh Connect JS SDK versions prior to 3.3.2 Description Mesh Connect JS SDK contains JS libraries for integrating with Mesh Connect. A lack of sanitization of URLs protocols in the createLink.openLink function enables the execution of arbitrar...

8.2CVSS6.9AI score0.00054EPSS

Exploits0References10

CNNVD•added 2025/09/22 12:0 a.m.•2 views

WordPress plugin Custom iFrame for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00032EPSS

Exploits0References1

Positive Technologies•added 2025/09/22 12:0 a.m.•5 views

PT-2025-39037

Name of the Vulnerable Software and Affected Versions Coderz Studio Custom iFrame for Elementor versions through 1.0.13 Description An issue exists in Coderz Studio Custom iFrame for Elementor that allows for DOM-Based Cross-site Scripting XSS. The issue is due to improper neutralization of input...

6.5CVSS6.2AI score0.00032EPSS

Exploits0References4

wpexploit•added 2023/07/27 12:0 a.m.•153 views

Bit Assist < 1.1.9 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. In the plugin's settings, click on...

4.8CVSS4.8AI score0.00122EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by