CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNVD•added 2025/12/30 12:0 a.m.•3 views

WordPress Draft Notify plugin cross-site scripting vulnerability

WordPress Draft Notify plugin is a WordPress plugin for managing draft notifications on your WordPress site. The WordPress Draft Notify plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

5.4CVSS6.1AI score0.00027EPSS

Exploits0References1

RedhatCVE•added 2025/12/25 1:23 p.m.•4 views

CVE-2025-67627

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

5.9CVSS6AI score0.00027EPSS

Exploits0References1

EUVD•added 2025/12/24 3:30 p.m.•2 views

EUVD-2025-205280

5.4CVSS5.5AI score0.00027EPSS

Exploits0References2

NVD•added 2025/12/24 1:16 p.m.•2 views

CVE-2025-67627

5.9CVSS0.00027EPSS

Exploits0References1

Vulnrichment•added 2025/12/24 1:10 p.m.•2 views

CVE-2025-67627 WordPress Draft Notify plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

5.9CVSS5.6AI score0.00027EPSS

Exploits0References1

CVE•added 2025/12/24 1:10 p.m.•5 views

CVE-2025-67627

CVE-2025-67627 is a Stored XSS vulnerability in the Draft Notify (draft-notify) WordPress plugin from TouchOfTech. The Initial Description identifies it as Improper Neutralization of Input During Web Page Generation and notes the affected range as Draft Notify: from n/a through

5.9CVSS5.6AI score0.00027EPSS

Exploits0References1