CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4382 matches found

Cvelist•added 2025/09/05 1:45 p.m.•10 views

CVE-2025-58870 WordPress WP-GraphViz Plugin <= 1.5.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeBAAT WP-GraphViz wp-graphviz allows DOM-Based XSS.This issue affects WP-GraphViz: from n/a through = 1.5.1...

6.5CVSS0.00154EPSS

Exploits0References1

Cvelist•added 2025/09/05 1:45 p.m.•10 views

CVE-2025-58834 WordPress short.io Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gugu short.io wp-shortcm allows DOM-Based XSS.This issue affects short.io: from n/a through = 2.4.2...

6.5CVSS0.00202EPSS

Exploits0References1

CVE•added 2025/09/05 1:45 p.m.•12 views

CVE-2025-58834

CVE-2025-58834 is a DOM-based XSS in the WordPress short.io plugin up to version 2.4.0. Root cause: improper input neutralization during web page generation. Impact: cross-site scripting exposure affecting pages rendered by the plugin. Mitigation: upgrade to a version later than 2.4.0 (per PT-202...

6.5CVSS5.9AI score0.00202EPSS

Exploits0References1

Cvelist•added 2025/09/05 1:45 p.m.•10 views

CVE-2025-58822 WordPress WP Mail Plugin <= 1.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 WP Mail wp-mail allows DOM-Based XSS.This issue affects WP Mail: from n/a through = 1.3...

6.5CVSS0.00202EPSS

Exploits0References1

CVE•added 2025/09/05 1:45 p.m.•15 views

CVE-2025-58822

CVE-2025-58822 is a DOM-based XSS vulnerability in the WordPress WP Mail plugin, affecting versions from n/a up to and including 1.3. The root cause is improper neutralization of input during web page generation. The CVE details come from multiple sources (NVD/CVE listings) and are reinforced by ...

6.5CVSS5.9AI score0.00202EPSS

Exploits0References1

CVE•added 2025/09/05 1:44 p.m.•12 views

CVE-2025-58786

CVE-2025-58786 refers to a DOM-based Cross-Site Scripting vulnerability in the WordPress plugin Ibtana – Ecommerce Product Addons (versions up to 0.4.7.4). The issue arises from improper neutralization of input during web page generation, enabling DOM-Based XSS. Affected software: Ibtana – Ecomme...

6.5CVSS5.9AI score0.0019EPSS

Exploits0References1

Cvelist•added 2025/09/05 1:44 p.m.•9 views

CVE-2025-58786 WordPress Ibtana – Ecommerce Product Addons plugin <= 0.4.7.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VW THEMES Ibtana – Ecommerce Product Addons ibtana-ecommerce-product-addons allows DOM-Based XSS.This issue affects Ibtana – Ecommerce Product Addons: from n/a through = 0.4.7.6...

6.5CVSS0.0019EPSS

Exploits0References1

CNNVD•added 2025/09/05 12:0 a.m.•2 views

WordPress plugin StoryMap 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00154EPSS

Exploits0References1

Positive Technologies•added 2025/09/05 12:0 a.m.•2 views

PT-2025-36213

Name of the Vulnerable Software and Affected Versions: josepsitjar StoryMap versions n/a through 2.1 Description: The software contains a DOM-Based Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Update josepsitjar StoryMap to a...

6.5CVSS5.8AI score0.00154EPSS

Exploits0References4

Positive Technologies•added 2025/09/05 12:0 a.m.•2 views

PT-2025-36126

Name of the Vulnerable Software and Affected Versions: VW THEMES Ibtana – Ecommerce Product Addons versions through 0.4.7.4 Description: The software contains a DOM-Based Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Update VW...

6.5CVSS5.8AI score0.0019EPSS

Exploits0References3

Positive Technologies•added 2025/09/05 12:0 a.m.•6 views

PT-2025-36161

Name of the Vulnerable Software and Affected Versions: WP Mail versions n/a through 1.3 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, specifically a DOM-Based Cross-Site Scripting XSS issue. Recommendations: Update WP Mail to a...

6.5CVSS5.3AI score0.00202EPSS

Exploits0References3

NVD•added 2025/09/03 3:15 p.m.•5 views

CVE-2025-58631

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZEEN101 IssueM issuem allows DOM-Based XSS.This issue affects IssueM: from n/a through = 2.9.0...

5.9CVSS0.00165EPSS

Exploits0References1

CVE•added 2025/09/03 2:36 p.m.•12 views

CVE-2025-58631

CVE-2025-58631 is a DOM-based XSS in the WordPress IssueM plugin up to version 2.9.0, caused by improper neutralization of input during web page generation. Affected software: IssueM (ZEEN101) plugin for WordPress; vulnerability is triggered via user-supplied input that is not properly sanitized ...

5.9CVSS5.9AI score0.00165EPSS

Exploits0References1

Vulnrichment•added 2025/09/03 2:36 p.m.•1 views

CVE-2025-58618 WordPress Pie Calendar Plugin <= 1.2.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jonathan Jernigan Pie Calendar pie-calendar allows DOM-Based XSS.This issue affects Pie Calendar: from n/a through = 1.2.8...

6.5CVSS5.9AI score0.0019EPSS

Exploits0References1

CVE•added 2025/09/03 2:36 p.m.•14 views

CVE-2025-58618

CVE-2025-58618 affects the WordPress Pie Calendar plugin up to version 1.2.8. The vulnerability is a DOM-based XSS due to improper input neutralization during web page generation. Impact is described as a cross-site scripting risk within Pie Calendar’s calendar rendering, potentially enabling inj...

6.5CVSS5.9AI score0.0019EPSS

Exploits0References1

CNNVD•added 2025/09/03 12:0 a.m.•2 views

WordPress plugin IssueM 跨站脚本漏洞

5.9CVSS5.9AI score0.00165EPSS

Exploits0References1

CNNVD•added 2025/09/03 12:0 a.m.•1 views

WordPress plugin Pie Calendar 跨站脚本漏洞

6.5CVSS5.9AI score0.0019EPSS

Exploits0References1

Positive Technologies•added 2025/09/03 12:0 a.m.•4 views

PT-2025-35761

Name of the Vulnerable Software and Affected Versions: IssueM versions through 2.9.0 Description: The software contains a DOM-Based Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Update IssueM to a version later than 2.9.0...

5.9CVSS5.5AI score0.00165EPSS

Exploits0References4

RedhatCVE•added 2025/08/30 6:20 p.m.•2 views

CVE-2025-58212

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in epeken Epeken All Kurir epeken-all-kurir allows DOM-Based XSS.This issue affects Epeken All Kurir: from n/a through = 2.0.1...

6.5CVSS5.9AI score0.00154EPSS

Exploits0References1

RedhatCVE•added 2025/08/30 6:20 p.m.•4 views

CVE-2025-58205

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.3.6...

6.5CVSS5.9AI score0.00154EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by