CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4382 matches found

Cvelist•added 2025/01/16 8:7 p.m.•17 views

CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...

6.5CVSS0.00357EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:7 p.m.•5 views

CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•17 views

CVE-2025-23890 WordPress Easy Tweet Embed plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tom Ewer Easy Tweet Embed easy-tweet-embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through = 1.7...

6.5CVSS0.00357EPSS

Exploits0References1

CVE•added 2025/01/16 8:7 p.m.•58 views

CVE-2025-23893

CVE-2025-23893 : DOM-based XSS in GMap Shortcode (Manuel Costales) allowed by improper input neutralization during web page generation. Affected: GMap Shortcode versions up to 2.0 (n/a through 2.0). Public records from Red Hat repeat the vulnerability description; Wordfence lists the vulnerabilit...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•12 views

CVE-2025-23856 WordPress Simple Vertical Timeline plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Odyno Simple Vertical Timeline simple-vertical-timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through = 0.1...

6.5CVSS0.00357EPSS

Exploits0References1

CVE•added 2025/01/16 8:7 p.m.•43 views

CVE-2025-23856

CVE-2025-23856 affects the Simple Vertical Timeline plugin. The Red Hat and Wordfence entries confirm an DOM-based XSS caused by improper input neutralization during web page generation. Affected software: Simple Vertical Timeline (version range unspecified in documents; listed up to 0.1). The vu...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:7 p.m.•3 views

CVE-2025-23830 WordPress JB Horizontal Scroller News Ticker plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jobair JB Horizontal Scroller News Ticker jb-horizontal-scroller-news-ticker allows DOM-Based XSS.This issue affects JB Horizontal Scroller News Ticker: from n/a through = 1.0...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•13 views

CVE-2025-23830 WordPress JB Horizontal Scroller News Ticker plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•12 views

CVE-2025-23831 WordPress QR Code Generator plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mobstac QR Code Generator qrcode-wprhe allows DOM-Based XSS.This issue affects QR Code Generator: from n/a through = 1.2.6...

6.5CVSS0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•14 views

CVE-2025-23833 WordPress Links/Problem Reporter plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RaminMT Links/Problem Reporter report-broken-links allows DOM-Based XSS.This issue affects Links/Problem Reporter: from n/a through = 2.6.0...

6.5CVSS0.00357EPSS

Exploits0References1

CVE•added 2025/01/16 8:7 p.m.•42 views

CVE-2025-23833

CVE-2025-23833 : DOM-Based XSS in WordPress plugin Links/Problem Reporter (RaminMT) due to improper input neutralization during web page generation. Affected versions: Links/Problem Reporter up to 2.6.0 (n/a to 2.6.0). Red Hat advisory reiterates the same description. Public records do not provid...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

CVE•added 2025/01/16 8:6 p.m.•43 views

CVE-2025-23644

CVE-2025-23644 (QuoteMedia Tools) is documented as a Cross-Site Scripting vulnerability in the WordPress plugin QuoteMedia Tools. The CVE description notes a DOM-Based XSS vector, affecting QuoteMedia Tools from n/a through 1.0. The connected Red Hat entry repeats the vulnerability description, w...

6.5CVSS7.2AI score0.00254EPSS

Exploits0References1

CVE•added 2025/01/16 8:6 p.m.•47 views

CVE-2025-23642

CVE-2025-23642 is a DOM-based XSS in the Sidebar-Content from Shortcode WordPress plugin (Sidebar-Content from Shortcode). Root cause: improper neutralization of input during web page generation. Affected product/component: Sidebar-Content from Shortcode (sidebar-content-from-shortcode) up to ver...

6.5CVSS7.2AI score0.00334EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:6 p.m.•3 views

CVE-2025-23641 WordPress Powie's pLinks PagePeeker plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PowieT Powie's pLinks PagePeeker plinks allows DOM-Based XSS.This issue affects Powie's pLinks PagePeeker: from n/a through = 1.0.2...

6.5CVSS8.6AI score0.00334EPSS

Exploits0References1

CVE•added 2025/01/16 8:6 p.m.•41 views

CVE-2025-23641

CVE-2025-23641: DOM-based XSS in Powie’s Powie's pLinks PagePeeker (WordPress plugin) due to improper input neutralization during page generation. Affected: Powie’s pLinks PagePeeker versions up to 1.0.2 (fixed status not publicly detailed in connected docs). CVSSv3.1 base score 6.5 (Medium) with...

6.5CVSS7.2AI score0.00334EPSS

Exploits0References1

Positive Technologies•added 2025/01/16 12:0 a.m.•2 views

PT-2025-5173 · Unknown · Easy Tweet Embed

Name of the Vulnerable Software and Affected Versions: Easy Tweet Embed versions 1.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for DOM-Based XSS attacks. Recommendations: For...

6.5CVSS9.1AI score0.00357EPSS

Exploits0References3

Positive Technologies•added 2025/01/16 12:0 a.m.•2 views

PT-2025-5174 · Unknown · Yet Another Countdown

Name of the Vulnerable Software and Affected Versions: Yet Another Countdown versions n/a through 1.0.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially inject malicious...

6.5CVSS9.3AI score0.00357EPSS

Exploits0References3

Positive Technologies•added 2025/01/16 12:0 a.m.•3 views

PT-2025-4995 · Unknown · Pflonk Sidebar-Content From Shortcode

Name of the Vulnerable Software and Affected Versions: pflonk Sidebar-Content from Shortcode versions prior to 2.0 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This problem enabl...

6.5CVSS9.4AI score0.00334EPSS

Exploits0References3

Positive Technologies•added 2025/01/16 12:0 a.m.•6 views

PT-2025-4997 · Quotemedia · Quotemedia Tools

Name of the Vulnerable Software and Affected Versions: QuoteMedia Tools versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This is a type of Cross-site Scripting attack. Recommendations: For...

6.5CVSS9.1AI score0.00254EPSS

Exploits0References3

NVD•added 2025/01/15 4:15 p.m.•7 views

CVE-2025-22793

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bold Bold pagos en linea bold-pagos-en-linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through = 3.1.4...

7.1CVSS0.00261EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by