CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

77 matches found

RedhatCVE•added 2026/03/26 5:3 p.m.•1 views

CVE-2026-25456

Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automated FedEx live/manual rates with shipping labels: from n/a through = 5.1....

7.3CVSS5.8AI score0.00054EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•0 views

EUVD-2026-15736

5.8AI score0.00054EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•0 views

CVE-2026-25456

7.3CVSS0.00054EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-25456

CVE-2026-25456 (A2Z FedEx shipping plugin for WordPress, a2z-fedex-shipping) is a Missing Authorization vulnerability affecting Automated FedEx live/manual rates with shipping labels up to version 5.1.8. Reported with CVSS v3.1 base score 7.5 (Network, High confidentiality impact, No availability...

7.3CVSS5.8AI score0.00054EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-25456 WordPress Automated FedEx live/manual rates with shipping labels plugin <= 5.1.9 - Broken Access Control vulnerability

7.3CVSS5.1AI score0.00054EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-25456 WordPress Automated FedEx live/manual rates with shipping labels plugin <= 5.1.9 - Broken Access Control vulnerability

7.3CVSS0.00054EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•4 views

WordPress plugin Automated FedEx live/manual rates with shipping labels 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.3CVSS5.8AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•1 views

PT-2026-27952

Name of the Vulnerable Software and Affected Versions Automated FedEx live/manual rates with shipping labels versions n/a through 5.1.8 Description A missing authorization issue exists in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping. This allows...

7.5CVSS5.9AI score0.00054EPSS

Exploits0References4

Patchstack•added 2026/03/17 11:1 a.m.•3 views

WordPress Automated FedEx live/manual rates with shipping labels plugin <= 5.1.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by johska in WordPress Plugin Automated FedEx live/manual rates with shipping labels versions = 5.1.8...

7.5CVSS5.8AI score0.00054EPSS

Exploits0Affected Software1

Krebs on Security•added 2025/11/26 5:22 p.m.•4 views

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters " has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical...

6.9AI score

Exploits0

RedhatCVE•added 2025/02/21 11:25 a.m.•6 views

CVE-2024-13491

The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 4.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5CVSS7.5AI score0.0012EPSS

Exploits0References1

OSV•added 2025/02/19 12:15 p.m.•1 views

CVE-2024-13491

7.5CVSS5.8AI score

Exploits0References2

NVD•added 2025/02/19 12:15 p.m.•7 views

CVE-2024-13491

7.5CVSS0.0012EPSS

Exploits0References2

Cvelist•added 2025/02/19 11:10 a.m.•9 views

CVE-2024-13491 Small Package Quotes – For Customers of FedEx <= 4.3.1 - Unauthenticated SQL Injection

7.5CVSS0.0012EPSS

Exploits0References2

CVE•added 2025/02/19 11:10 a.m.•37 views

CVE-2024-13491

CVE-2024-13491 affects the WordPress plugin Small Package Quotes – For Customers of FedEx . The vulnerability is an SQL Injection in parameters edit_id and dropship_edit_id due to insufficient escaping and inadequate preparation of the SQL query. It affects versions up to and including 4.3.1 and ...

7.5CVSS7.6AI score0.0012EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/02/19 11:10 a.m.•12 views

CVE-2024-13491 Small Package Quotes – For Customers of FedEx <= 4.3.1 - Unauthenticated SQL Injection

7.5CVSS7.6AI score0.0012EPSS

Exploits0References2

Patchstack•added 2025/02/19 12:1 a.m.•3 views

WordPress Small Package Quotes – For Customers of FedEx plugin <= 4.3.1 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – For Customers of FedEx versions = 4.3.1...

7.5CVSS8.1AI score0.0012EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/02/14 11:24 a.m.•7 views

CVE-2024-13480

The LTL Freight Quotes – For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

7.5CVSS9.6AI score0.0022EPSS

Exploits0References1

NVD•added 2025/02/12 12:15 p.m.•12 views

CVE-2024-13480

7.5CVSS0.0022EPSS

Exploits0References2

Cvelist•added 2025/02/12 11:11 a.m.•9 views

CVE-2024-13480 LTL Freight Quotes – For Customers of FedEx Freight <= 3.4.1 - Unauthenticated SQL Injection

7.5CVSS0.0022EPSS

Exploits0References2

Rows per page