CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/03/27 10:55 a.m.•5 views

CVE-2025-30832 WordPress Themify Event Post Plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability

CVE•added 2025/03/27 10:55 a.m.•39 views

CVE-2025-30832

CVE-2025-30832 is a DOM-based XSS in Themify Event Post (WordPress). Affected: Themify Event Post versions from 1.0 through 1.3.2 (n/a to 1.3.2). Root cause: improper input handling during web page generation leading to cross-site scripting. Impact: XSS risk for authenticated users; exploitation ...

CVE•added 2025/03/27 10:55 a.m.•48 views

CVE-2025-30826

CVE-2025-30826 affects the IP Locator WordPress plugin (IP Locator). The vulnerability is a DOM-based XSS caused by improper input neutralization during web page generation, affecting versions up to 4.1.0 (and from n/a to 4.1.0). The CVSS 3.1 score is 6.5 (Medium) with network access, low attack ...

CVE•added 2025/03/27 10:55 a.m.•40 views

CVE-2025-30818

CVE-2025-30818 describes a DOM-based Cross-Site Scripting vulnerability in the WordPress plugin jAlbum Bridge . The issue affects versions

Vulnrichment•added 2025/03/27 10:55 a.m.•7 views

CVE-2025-30818 WordPress jAlbum Bridge plugin <= 2.0.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mlaza jAlbum Bridge jalbum-bridge allows DOM-Based XSS.This issue affects jAlbum Bridge: from n/a through = 2.0.17...

Cvelist•added 2025/03/27 10:55 a.m.•19 views

CVE-2025-30818 WordPress jAlbum Bridge plugin <= 2.0.17 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00308EPSS

CVE•added 2025/03/27 10:54 a.m.•37 views

CVE-2025-30786

CVE-2025-30786 is a DOM-based/Stored Cross-Site Scripting vulnerability in the WordPress plugin Quotes llama (quotes-llama) affecting versions up to and including 3.1.0 . The vulnerability is listed as Authenticated (Contributor+) Stored Cross-Site Scripting , implying exploitation requires valid...

6.5CVSS7.2AI score0.00291EPSS

Vulnrichment•added 2025/03/27 10:54 a.m.•3 views

CVE-2025-30786 WordPress Quotes llama plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows DOM-Based XSS.This issue affects Quotes llama: from n/a through = 3.1.0...

6.5CVSS7.3AI score0.00291EPSS

Cvelist•added 2025/03/27 10:54 a.m.•14 views

CVE-2025-30786 WordPress Quotes llama plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00291EPSS

Cvelist•added 2025/03/27 10:54 a.m.•13 views

CVE-2025-30771 WordPress WP Cassify plugin <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alain-Aymerick FRANCOIS WP Cassify wp-cassify allows DOM-Based XSS.This issue affects WP Cassify: from n/a through = 2.3.5...

6.5CVSS0.00308EPSS

Vulnrichment•added 2025/03/27 10:54 a.m.•4 views

CVE-2025-30771 WordPress WP Cassify plugin <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability

CVE•added 2025/03/27 10:54 a.m.•47 views

CVE-2025-30771

CVE-2025-30771 affects the WordPress plugin WP Cassify (WP Cassify: from n/a through 2.3.5). The Initial Description states a DOM-based Cross-Site Scripting vulnerability (XSS) in WP Cassify, enabling injection of scripts via input during web page generation. The connected documents also list WP ...

CVE•added 2025/03/27 10:54 a.m.•50 views

CVE-2025-30770

CVE-2025-30770 concerns the Charitable plugin for WordPress, affecting Charitable versions up to 1.8.4.7. The issue is a DOM-based XSS vulnerability arising from improper neutralization of input during web page generation, enabling an attacker to inject/execute script in the context of the affect...

6.5CVSS7.2AI score0.003EPSS

Vulnrichment•added 2025/03/27 10:54 a.m.•8 views

CVE-2025-30770 WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Charitable charitable allows DOM-Based XSS.This issue affects Charitable: from n/a through = 1.8.4.7...

6.5CVSS7.2AI score0.003EPSS

CVE•added 2025/03/27 10:54 a.m.•56 views

CVE-2025-30766

CVE-2025-30766: Happy Addons for Elementor has a DOM-based XSS vulnerability in the plugin’s web page generation due to improper input neutralization. Affected: Happy Addons for Elementor (Authenticated user context). CVSS v3.1 base score 6.5 (Medium). Connected Wordfence vulnerability data confi...

Vulnrichment•added 2025/03/27 10:54 a.m.•4 views

CVE-2025-30766 WordPress Happy Addons for Elementor plugin <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows DOM-Based XSS.This issue affects Happy Addons for Elementor: from n/a through = 3.16.2...

CNNVD•added 2025/03/27 12:0 a.m.•1 views

WordPress plugin LeadConnector 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8AI score0.00252EPSS

Exploits0References2

CNNVD•added 2025/03/27 12:0 a.m.•1 views

WordPress plugin Quotes llama 跨站脚本漏洞

6.5CVSS8AI score0.00291EPSS