CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Essential Grid <= 3.1.0 - Cross-Site Scripting

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions. id: CVE-2023-47684 info: name: Essential Grid = 3.1.0 - Cross-Site Scripting author: 0xpugal severity: medium description: | Unauthenticated Reflected Cross-Site Scripting XS...

7.1CVSS6.8AI score0.02146EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-51869

Malicious code in bioql PyPI...

8.3CVSS9.1AI score0.00205EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•9 views

EUVD-2023-51782

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.02146EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:11 a.m.•3 views

CVE-2024-3235

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the onfrontajaxaction function. This makes it possible for unauthenticated attackers to view private and password protected posts that m...

5.3CVSS6.8AI score0.00938EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:58 a.m.•5 views

CVE-2023-47771

Missing Authorization vulnerability in ThemePunch OHG Essential Grid.This issue affects Essential Grid: from n/a through 3.0.18...

8.3CVSS6.9AI score0.00205EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:57 a.m.•3 views

CVE-2023-47684

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions...

7.1CVSS5.9AI score0.02146EPSS

Exploits0References1

NVD•added 2024/06/19 11:15 a.m.•14 views

CVE-2023-47771

Missing Authorization vulnerability in ThemePunch OHG Essential Grid.This issue affects Essential Grid: from n/a through 3.0.18...

8.3CVSS0.00205EPSS

Exploits0References1

Cvelist•added 2024/06/19 10:37 a.m.•20 views

CVE-2023-47771 WordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerability

Missing Authorization vulnerability in ThemePunch OHG Essential Grid.This issue affects Essential Grid: from n/a through 3.0.18...

8.3CVSS0.00205EPSS

Exploits0References1

Vulnrichment•added 2024/06/19 10:37 a.m.•36 views

CVE-2023-47771 WordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerability

Missing Authorization vulnerability in ThemePunch OHG Essential Grid.This issue affects Essential Grid: from n/a through 3.0.18...

8.3CVSS6.9AI score0.00205EPSS

Exploits0References1

CNNVD•added 2024/06/19 12:0 a.m.•2 views

WordPress plugin Essential Grid security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.3CVSS6.8AI score0.00205EPSS

Exploits0References2

Patchstack•added 2024/04/11 12:46 p.m.•2 views

WordPress Essential Grid plugin <= 3.1.1 - Unauthenticated Private Post Disclosure vulnerability

Unauthenticated Private Post Disclosure vulnerability discovered by 1337Wannabe in WordPress Plugin Essential Grid versions = 3.1.1...

5.3CVSS7AI score0.00938EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/11 12:0 a.m.•10 views

WordPress Essential Grid Plugin <= 3.1.1 is vulnerable to Broken Access Control

Software Essential Grid Type Plugin Vulnerable versions = 3.1.1 Fixed in 3.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3235 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 597aadc22d06 Credits 1337Wannabe Required privilege...

5.3CVSS6.6AI score0.00938EPSS

Exploits0References1Affected Software1

CVE•added 2024/04/10 4:30 a.m.•57 views

CVE-2024-3235

CVE-2024-3235 affects the Essential Grid Gallery WordPress Plugin (WordPress plugin name: Essential Grid) with a Sensitive Information Exposure in the on_front_ajax_action() path. All versions up to 3.1.1 are vulnerable, allowing unauthenticated attackers to view private and password-protected po...

5.3CVSS6.7AI score0.00938EPSS

Exploits0References3

Positive Technologies•added 2024/04/10 12:0 a.m.•2 views

PT-2024-24526 · WordPress · Essential Grid Gallery

Name of the Vulnerable Software and Affected Versions: The Essential Grid Gallery WordPress Plugin versions up to, and including, 3.1.1 Description: The issue allows unauthenticated attackers to view private and password-protected posts that may contain sensitive information. This is possible due...

5.3CVSS6.8AI score0.00938EPSS

Exploits0References4

CNNVD•added 2024/04/10 12:0 a.m.•1 views

Wordpress Plugin Essential Grid 安全漏洞

5.3CVSS6.3AI score0.00938EPSS

Exploits0References3

WPVulnDB•added 2023/11/23 12:0 a.m.•24 views

Essential Grid < 3.0.19 - Missing Authorization

Description The Essential Grid plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in versions up to, and including, 3.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

6.7AI score0.00205EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2023/11/16 12:0 a.m.•16 views

Essential Grid < 3.1.1 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.3AI score0.02146EPSS

Exploits0Affected Software1

NVD•added 2023/11/14 12:15 a.m.•10 views

CVE-2023-47684

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions...

7.1CVSS0.02146EPSS

Exploits0References1