CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

50 matches found

Patchstack•added 2026/02/02 8:31 a.m.•4 views

WordPress HelloAsso plugin <= 1.1.10 - Missing Authorization to Authenticated (Contributor+) Limited Options Update vulnerability

Missing Authorization to Authenticated Contributor+ Limited Options Update vulnerability discovered by Peter Thaleikis in WordPress Plugin HelloAsso versions = 1.1.10...

4.3CVSS5.3AI score0.00131EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-30484

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.0017EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-40833

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00356EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-48496

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00131EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-3783

Malicious code in bioql PyPI...

6.5CVSS8.9AI score0.00347EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-36704

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 11:39 a.m.•4 views

CVE-2025-24575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso allows Stored XSS.This issue affects HelloAsso: from n/a through = 1.1.11...

6.5CVSS7.2AI score0.00347EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:29 a.m.•6 views

CVE-2024-7605

The HelloAsso plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'haajax' function in all versions up to, and including, 1.1.10. This makes it possible for authenticated attackers, with Contributor-level access and above, to update...

4.3CVSS6.5AI score0.00131EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:37 a.m.•5 views

CVE-2024-32697

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.5...

6.5CVSS5.2AI score0.0017EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:42 a.m.•12 views

CVE-2024-37488

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through = 1.1.9...

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:21 a.m.•3 views

CVE-2024-44052

Missing Authorization vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through = 1.1.10...

8.8CVSS5.9AI score0.00356EPSS

Exploits0References1

NVD•added 2025/01/24 6:15 p.m.•6 views

CVE-2025-24575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso allows Stored XSS.This issue affects HelloAsso: from n/a through = 1.1.11...

6.5CVSS0.00347EPSS

Exploits0References1

Vulnrichment•added 2025/01/24 5:24 p.m.•9 views

CVE-2025-24575 WordPress HelloAsso plugin <= 1.1.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso allows Stored XSS.This issue affects HelloAsso: from n/a through = 1.1.11...

6.5CVSS7.2AI score0.00347EPSS

Exploits0References1

Cvelist•added 2025/01/24 5:24 p.m.•17 views

CVE-2025-24575 WordPress HelloAsso plugin <= 1.1.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso allows Stored XSS.This issue affects HelloAsso: from n/a through = 1.1.11...

6.5CVSS0.00347EPSS

Exploits0References1

CVE•added 2025/01/24 5:24 p.m.•44 views

CVE-2025-24575

CVE-2025-24575 : WordPress HelloAsso plugin (

6.5CVSS7.2AI score0.00347EPSS

Exploits0References1

Patchstack•added 2025/01/24 11:47 a.m.•1 views

WordPress HelloAsso plugin <= 1.1.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin HelloAsso versions = 1.1.11...

6.5CVSS6.1AI score0.00347EPSS

Exploits0Affected Software1

CNNVD•added 2025/01/24 12:0 a.m.•0 views

WordPress plugin HelloAsso 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8AI score0.00347EPSS

Exploits0References2

Positive Technologies•added 2025/01/24 12:0 a.m.•1 views

PT-2025-5416 · Helloasso · Helloasso

Name of the Vulnerable Software and Affected Versions: HelloAsso versions 1.1.11 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious scripts...

6.5CVSS5.6AI score0.00347EPSS

Exploits0References3

OSV•added 2024/11/01 3:15 p.m.•1 views

CVE-2024-44052

Missing Authorization vulnerability in HelloAsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HelloAsso: from n/a through 1.1.10...

8.8CVSS5.8AI score0.00356EPSS

Exploits0References1

NVD•added 2024/11/01 3:15 p.m.•14 views

CVE-2024-44052

Missing Authorization vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through = 1.1.10...

8.8CVSS0.00356EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by