CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4380 matches found

Vulnrichment•added 2025/12/31 11:53 a.m.•5 views

CVE-2025-62757 WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

6.5CVSS6AI score0.00173EPSS

Exploits0References1

Cvelist•added 2025/12/31 11:53 a.m.•25 views

CVE-2025-62757 WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

6.5CVSS0.00173EPSS

Exploits0References1

RedhatCVE•added 2025/12/31 11:6 a.m.•3 views

CVE-2025-69092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.5.3...

6.5CVSS6.4AI score0.00127EPSS

Exploits0References1

RedhatCVE•added 2025/12/31 11:5 a.m.•2 views

CVE-2025-69088

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vidish Combo Offers WooCommerce woo-combo-offers allows DOM-Based XSS.This issue affects Combo Offers WooCommerce: from n/a through = 4.2...

6.5CVSS6.4AI score0.00135EPSS

Exploits0References1

RedhatCVE•added 2025/12/31 11:5 a.m.•2 views

CVE-2025-69019

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FlippingBook FlippingBook flippingbook allows DOM-Based XSS.This issue affects FlippingBook: from n/a through = 2.0.1...

6.5CVSS6.4AI score0.00127EPSS

Exploits0References1

EUVD•added 2025/12/31 8:55 a.m.•3 views

EUVD-2025-205909

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Funnelforms Funnelforms Free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through 3.8...

6.5CVSS5.9AI score0.00137EPSS

Exploits0References2

Vulnrichment•added 2025/12/31 8:55 a.m.•4 views

CVE-2025-62758 WordPress Funnelforms Free plugin <= 3.8 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6AI score0.00137EPSS

Exploits0References1

CVE•added 2025/12/31 8:55 a.m.•9 views

CVE-2025-62758

CVE-2025-62758 is a DOM-based XSS vulnerability in Funnelforms Free (authenticated, contributor+ context) that arises from improper input neutralization during web page generation. Affected: Funnelforms Free up to version 3.8. Impact as stated: cross-site scripting vulnerabilities; no public expl...

6.5CVSS5.9AI score0.00137EPSS

Exploits0References1

CNNVD•added 2025/12/31 12:0 a.m.•4 views

WordPress plugin Valenti Engine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6AI score0.0017EPSS

Exploits0References1

CNNVD•added 2025/12/31 12:0 a.m.•3 views

WordPress plugin WooCommerce Parcelas 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

5.9CVSS6AI score0.00182EPSS

Exploits0References1

Patchstack•added 2025/12/31 12:0 a.m.•5 views

WordPress Essential Addons for Elementor plugin <= 6.0.4 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Essential Addons for Elementor versions = 6.0.4...

6.4CVSS5.3AI score0.00292EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Divi theme <= 4.27.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Theme Divi versions = 4.27.1...

6.4CVSS5.3AI score0.00292EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/12/31 12:0 a.m.•3 views

PT-2025-54310

Name of the Vulnerable Software and Affected Versions lvaudore The Moneytizer versions through 10.0.6 Description The Moneytizer is susceptible to a DOM-Based Cross-Site Scripting issue due to improper neutralization of input during web page generation. This allows for potential execution of...

6.5CVSS6.1AI score0.00173EPSS

Exploits0References5

Positive Technologies•added 2025/12/31 12:0 a.m.•3 views

PT-2025-54309

Name of the Vulnerable Software and Affected Versions kalender.Digital Calendar.Online / Kalender.Digital versions through 1.0.11 Description The software contains a flaw related to improper input handling during web page generation, leading to a Cross-site Scripting XSS condition. Specifically,...

6.5CVSS6AI score0.00168EPSS

Exploits0References5

CNNVD•added 2025/12/31 12:0 a.m.•4 views

WordPress plugin Content Fetcher 跨站脚本漏洞

6.5CVSS5.9AI score0.00168EPSS

Exploits0References2

CNNVD•added 2025/12/31 12:0 a.m.•3 views

WordPress plugin The Moneytizer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

6.5CVSS5.9AI score0.00173EPSS

Exploits0References1

CNNVD•added 2025/12/31 12:0 a.m.•3 views

WordPress plugin Web and WooCommerce Addons for WPBakery Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

6.5CVSS5.9AI score0.00173EPSS

Exploits0References1

Positive Technologies•added 2025/12/31 12:0 a.m.•3 views

PT-2025-54334

Name of the Vulnerable Software and Affected Versions WooCommerce Parcelas versions through 1.3.5 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-Site Scripting issue. This allows for the potential execution of...

5.9CVSS6.2AI score0.00182EPSS

Exploits0References3

Patchstack•added 2025/12/31 12:0 a.m.•7 views

WordPress Responsive Lightbox & Gallery plugin <= 2.4.7 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Responsive Lightbox versions = 2.4.7...

6.4CVSS8.3AI score0.00299EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•6 views

WordPress Auto Thickbox plugin <= 3.5 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Auto Thickbox versions = 3.5...

6.4CVSS5.9AI score0.00225EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by