CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Futurio Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘headersize’ attribute within the Advanced Text Block widget in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.0036EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:34 a.m.•8 views

CVE-2024-50446

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FuturioWP Futurio Extra futurio-extra.This issue affects Futurio Extra: from n/a through = 2.0.11...

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:49 a.m.•7 views

CVE-2024-53802

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FuturioWP Futurio Extra futurio-extra allows Stored XSS.This issue affects Futurio Extra: from n/a through = 2.0.14...

6.5CVSS7.2AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:28 a.m.•5 views

CVE-2024-10695

The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

4.3CVSS6.5AI score0.0021EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:25 p.m.•7 views

CVE-2021-25110

The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address...

4.3CVSS6.7AI score0.00237EPSS

Exploits2References1

OSV•added 2024/12/06 2:15 p.m.•2 views

CVE-2024-53802

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.14...

5.4CVSS7.3AI score0.00181EPSS

Exploits0References1

NVD•added 2024/12/06 2:15 p.m.•13 views

CVE-2024-53802

6.5CVSS0.00181EPSS

Exploits0References1

CVE•added 2024/12/06 1:7 p.m.•48 views

CVE-2024-53802

CVE-2024-53802 is a stored Cross-Site Scripting vulnerability in the Futurio Extra WordPress plugin. Public details indicate improper input handling during web page generation, exploitable via the header_size tag, affecting Futurio Extra versions from unspecified earlier releases up to and includ...

6.5CVSS7.2AI score0.00181EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/12/06 1:7 p.m.•13 views

CVE-2024-53802 WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.8AI score0.00181EPSS

Exploits0References1

Cvelist•added 2024/12/06 1:7 p.m.•24 views

CVE-2024-53802 WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00181EPSS

Exploits0References1

Positive Technologies•added 2024/12/06 12:0 a.m.•5 views

PT-2024-35916 · Unknown · Futurio Extra

Name of the Vulnerable Software and Affected Versions: Futurio Extra versions prior to 2.0.14 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This enables attackers to inject malicious scripts into...

6.5CVSS6.5AI score0.00181EPSS

Exploits0References4

CNNVD•added 2024/12/06 12:0 a.m.•3 views

WordPress plugin Futurio Extra 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00181EPSS

Exploits0References1

Patchstack•added 2024/12/02 11:17 a.m.•3 views

WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Futurio Extra versions = 2.0.14...

6.5CVSS6.1AI score0.00181EPSS

Exploits0Affected Software1

OSV•added 2024/11/12 4:15 a.m.•1 views

CVE-2024-10695

4.3CVSS7.3AI score0.0021EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by