CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

EUVD•added 2026/05/10 3:31 p.m.•15 views

EUVD-2022-55982

WordPress Plugin IP2Location Country Blocker 2.26.7 contains a stored cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code through the Frontend Settings interface. Attackers can inject malicious scripts in the URL field of the Display page setting...

6.4CVSS5.9AI score0.00032EPSS

Exploits0References4

NVD•added 2026/05/10 1:16 p.m.•11 views

CVE-2022-50961

6.4CVSS0.00032EPSS

Exploits0References3

CNNVD•added 2026/05/10 12:0 a.m.•6 views

WordPress plugin IP2Location Country Blocker 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:11 a.m.•13 views

CVE-2025-1361

The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admininit function. This makes it possible for unauthenticated attackers to view the plugin's settings...

7.5CVSS6.7AI score0.19125EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-12020

Malware in sbrugna...

7.1CVSS6.8AI score0.00089EPSS

Exploits2References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-41739

Malicious code in bioql PyPI...

5.3CVSS8.6AI score0.00114EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-30261

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00171EPSS

Exploits0References2

OSV•added 2025/02/22 9:15 a.m.•2 views

CVE-2025-1361

5.3CVSS7.3AI score

Exploits0References4

CVE•added 2025/02/22 8:22 a.m.•63 views

CVE-2025-1361

CVE-2025-1361 affects the IP2Location Country Blocker WordPress plugin. The vulnerability stems from missing capability checks in admin_init(), enabling unauthenticated attackers to view the plugin’s settings. It affects all versions up to and including 2.38.8. The connected Red Hat and Wordfence...

7.5CVSS7.3AI score0.19125EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/02/22 8:22 a.m.•20 views

CVE-2025-1361 IP2Location Country Blocker <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function

7.5CVSS0.19125EPSS

Exploits0References4

Vulnrichment•added 2025/02/22 8:22 a.m.•10 views

CVE-2025-1361 IP2Location Country Blocker <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function

7.5CVSS6.7AI score0.19125EPSS

Exploits0References4

Patchstack•added 2025/02/21 9:59 p.m.•3 views

WordPress IP2Location Country Blocker plugin <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function vulnerability

Missing Authorization to Unauthenticated Information Exposure via admininit Function vulnerability discovered by abrahack in WordPress Plugin Download IP2Location Country Blocker versions = 2.38.8...

7.5CVSS6.9AI score0.19125EPSS

Exploits0References1Affected Software1

NVD•added 2025/01/24 6:15 p.m.•10 views

CVE-2025-24731

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IP2Location Download IP2Location Country Blocker ip2location-country-blocker allows Stored XSS.This issue affects Download IP2Location Country Blocker: from n/a through = 2.38.3...

5.9CVSS0.00089EPSS

Exploits0References1

Cvelist•added 2025/01/24 5:25 p.m.•12 views

CVE-2025-24731 WordPress IP2Location Country Blocker plugin <= 2.38.3 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00089EPSS

Exploits0References1

CVE•added 2025/01/24 5:25 p.m.•56 views

CVE-2025-24731

CVE-2025-24731 = Stored Cross-Site Scripting in WordPress plugin “IP2Location Country Blocker” (versions up to 2.38.3). The issue arises from improper input neutralization during web page generation, enabling attackers to inject malicious scripts that could be stored and later executed in unsuspe...

5.9CVSS7.2AI score0.00089EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/01/24 12:0 a.m.•3 views

PT-2025-5545 · Ip2Location · Ip2Location Country Blocker

Name of the Vulnerable Software and Affected Versions: IP2Location Country Blocker versions prior to 2.38.3 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS attacks. This means that an attacker can...

5.9CVSS6.1AI score0.00089EPSS

Exploits0References7

Positive Technologies•added 2024/06/04 12:0 a.m.•3 views

PT-2024-12652 · Ip2Location · Ip2Location Country Blocker

Name of the Vulnerable Software and Affected Versions: Download IP2Location Country Blocker versions 2.29.1 and earlier Description: The issue is related to an Authentication Bypass by Spoofing vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations:...

5.3CVSS7.2AI score0.00114EPSS

Exploits0References7

OSV•added 2024/04/15 8:15 a.m.•2 views

CVE-2024-32443

Cross-Site Request Forgery CSRF vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2...

8.8CVSS5.8AI score0.00171EPSS

Exploits0References1

CVE•added 2024/04/15 7:59 a.m.•52 views

CVE-2024-32443

CVE-2024-32443 is a CSRF vulnerability in the IP2Location Download IP2Location Country Blocker (WordPress plugin). Affected software: IP2Location Country Blocker Download, from n/a through 2.34.2. The vulnerability has high impact per NVD metrics (confidentiality, integrity, and availability all ...

8.8CVSS5.1AI score0.00171EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/04/15 12:0 a.m.•3 views

PT-2024-24574 · Ip2Location · Ip2Location Country Blocker

Name of the Vulnerable Software and Affected Versions: IP2Location Download IP2Location Country Blocker versions n/a through 2.34.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

8.8CVSS6.5AI score0.00171EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by