CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-26928

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00025EPSS

Exploits0References1

RedhatCVE•added 2025/09/07 2:32 p.m.•2 views

CVE-2025-58849

Cross-Site Request Forgery CSRF vulnerability in Deepak S Hide Real Download Path hide-real-download-path allows Stored XSS.This issue affects Hide Real Download Path: from n/a through = 1.6...

7.1CVSS5.9AI score0.00025EPSS

Exploits0References1

NVD•added 2025/09/05 2:15 p.m.•1 views

CVE-2025-58849

Cross-Site Request Forgery CSRF vulnerability in Deepak S Hide Real Download Path hide-real-download-path allows Stored XSS.This issue affects Hide Real Download Path: from n/a through = 1.6...

7.1CVSS0.00025EPSS

Exploits0References1

CVE•added 2025/09/05 1:45 p.m.•11 views

CVE-2025-58849

CVE-2025-58849 is a CSRF vulnerability in the WordPress plugin Hide Real Download Path up to version 1.6 that can trigger Stored XSS. The provided documents do not specify a patched version; monitor for vendor updates and apply fixes when available.

7.1CVSS5.9AI score0.00025EPSS

Exploits0References1

Cvelist•added 2025/09/05 1:45 p.m.•8 views

CVE-2025-58849 WordPress Hide Real Download Path Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Deepak S Hide Real Download Path hide-real-download-path allows Stored XSS.This issue affects Hide Real Download Path: from n/a through = 1.6...

7.1CVSS0.00025EPSS

Exploits0References1

Patchstack•added 2025/09/05 1:36 p.m.•2 views

WordPress Hide Real Download Path Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Hide Real Download Path versions = 1.6...

7.1CVSS6.6AI score0.00025EPSS

Exploits0Affected Software1

CNNVD•added 2025/09/05 12:0 a.m.•1 views

WordPress plugin Hide Real Download Path 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS5.9AI score0.00025EPSS

Exploits0References1

Positive Technologies•added 2025/09/05 12:0 a.m.•2 views

PT-2025-36188

Name of the Vulnerable Software and Affected Versions: Hide Real Download Path versions n/a through 1.6 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Deepak S Hide Real Download Path, which can also lead to Stored Cross-Site Scripting XSS. Recommendations: At the moment,...

7.1CVSS5.2AI score0.00025EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by