CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/04/14 7:16 p.m.•5 views

CVE-2026-34624

5.4CVSS0.00035EPSS

NVD•added 2026/04/14 7:16 p.m.•4 views

CVE-2026-34625

5.4CVSS0.00035EPSS

ATTACKERKB•added 2026/04/14 6:26 p.m.•4 views

CVE-2026-34623

5.4CVSS5.8AI score0.00035EPSS

ATTACKERKB•added 2026/04/14 6:25 p.m.•3 views

CVE-2026-34624

5.4CVSS5.8AI score0.00035EPSS

ATTACKERKB•added 2026/04/14 5:33 p.m.•0 views

CVE-2026-27246

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...

9.3CVSS5.2AI score0.00119EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32584

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue Opening Remarks field by wrapping malicious payloads in tags...

5.1CVSS6AI score0.0004EPSS

Exploits0References3

RedhatCVE•added 2026/04/13 7:25 p.m.•3 views

CVE-2026-39665

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vladimir Prelovac SEO Friendly Images seo-image allows DOM-Based XSS.This issue affects SEO Friendly Images: from n/a through = 3.0.5...

6.5CVSS5.8AI score0.00039EPSS

NVD•added 2026/04/08 9:16 a.m.•2 views

CVE-2026-39696

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elfsight Elfsight WhatsApp Chat CC elfsight-whatsapp-chat allows DOM-Based XSS.This issue affects Elfsight WhatsApp Chat CC: from n/a through = 1.2.0...

NVD•added 2026/04/08 9:16 a.m.•1 views

CVE-2026-39683

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...

5.9CVSS0.00036EPSS

NVD•added 2026/04/08 9:16 a.m.•2 views

CVE-2026-39508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free allows DOM-Based XSS.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through =...

ATTACKERKB•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows DOM-Based XSS.This issue affects Animation Addons for Elementor: from n/a through = 2.6.1...

6.5CVSS5.9AI score0.00039EPSS

Cvelist•added 2026/04/08 8:30 a.m.•16 views

CVE-2026-39696 WordPress Elfsight WhatsApp Chat CC plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Vulnrichment•added 2026/04/08 8:30 a.m.•1 views

CVE-2026-39693 WordPress FSM Custom Featured Image Caption plugin <= 1.25.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.This issue affects FSM Custom Featured Image Caption: from n/a through = 1.25.1...

5.8AI score0.00036EPSS

ATTACKERKB•added 2026/04/08 8:30 a.m.•1 views

CVE-2026-39666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...

5.9AI score0.00039EPSS

CVE•added 2026/04/08 8:30 a.m.•4 views

CVE-2026-39665

The CVE describes a DOM-Based XSS vulnerability in the WordPress plugin SEO Friendly Images (seo-image) by Vladimir Prelovac, affecting versions from n/a up to 3.0.5. Root cause: Improper neutralization of input during web page generation. Impact stated across sources as cross-site scripting acce...

6.5CVSS5.9AI score0.00039EPSS

Cvelist•added 2026/04/08 8:30 a.m.•17 views

CVE-2026-39575 WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...

Vulnrichment•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39575 WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability

5.8AI score0.00039EPSS

Vulnrichment•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39482 WordPress Post Expirator plugin <= 4.9.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PublishPress Post Expirator post-expirator allows DOM-Based XSS.This issue affects Post Expirator: from n/a through = 4.9.4...

6.5CVSS5.8AI score0.00039EPSS