CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

CNNVD•added 2026/04/23 12:0 a.m.•7 views

WordPress plugin WP Store Locator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.6AI score0.00152EPSS

Exploits0References1

CNNVD•added 2026/04/16 12:0 a.m.•7 views

WordPress plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters 安全漏洞

6.4CVSS5.8AI score0.00267EPSS

Exploits0References1

CNNVD•added 2026/04/15 12:0 a.m.•8 views

WordPress plugin Quick Interest Slider 安全漏洞

7.2CVSS5.8AI score0.00312EPSS

Exploits0References1

CNNVD•added 2026/04/04 12:0 a.m.•6 views

WordPress plugin Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 跨站脚本漏洞

6.4CVSS5.7AI score0.00269EPSS

Exploits0References2

CNNVD•added 2026/03/21 12:0 a.m.•5 views

WordPress plugin Any Post Slider 跨站脚本漏洞

6.4CVSS5.7AI score0.00236EPSS

Exploits0References4

CNNVD•added 2026/03/21 12:0 a.m.•7 views

WordPress plugin Vagaro Booking Widget 跨站脚本漏洞

7.2CVSS5.7AI score0.00287EPSS

Exploits0References3

CNNVD•added 2026/03/21 12:0 a.m.•6 views

WordPress plugin Weaver Show Posts 跨站脚本漏洞

4.4CVSS5.7AI score0.00203EPSS

Exploits0References6

CNNVD•added 2026/03/10 12:0 a.m.•7 views

WordPress plugin MetForm Pro 跨站脚本漏洞

7.2CVSS5.8AI score0.00308EPSS

Exploits0References6

CNNVD•added 2025/11/21 12:0 a.m.•5 views

WordPress plugin WP Company Info 跨站脚本漏洞

6.4CVSS5.7AI score0.00162EPSS

Exploits0References3

CNNVD•added 2024/10/29 12:0 a.m.•3 views

WordPress plugin Post Status Notifier Lite and Premium 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.1CVSS5.7AI score0.00291EPSS

Exploits0References2

BDU FSTEC•added 2023/02/21 12:0 a.m.•4 views

The vulnerability of the delivery interface component in NetScaler SD-WAN and Citrix SD-WAN software management tools allows attackers to enhance their privileges.

The vulnerability of the delivery interface component in NetScaler SD-WAN and Citrix SD-WAN software management tools is related to insufficient cleaning of input data. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

9CVSS7.7AI score0.94352EPSS

Exploits6References7Affected Software2

BDU FSTEC•added 2022/09/30 12:0 a.m.•5 views

The vulnerability of the implementation of the DefaultActionMapper mechanism in the Apache Struts software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the DefaultActionMapper mechanism implemented by the Apache Struts software platform is related to insufficient cleaning of input data when processing parameters such as action:, redirect:, and redirectAction: prefix. Exploiting this vulnerability allows an attacker to execut...

10CVSS7.5AI score0.99998EPSS

Exploits18References11Affected Software9

BDU FSTEC•added 2022/01/25 12:0 a.m.•4 views

The vulnerability of the built-in software for routers such as CBR40, CBR750, EAX20, EAX80, EX7500, LAX20, MK62, MR60, MS60, R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RBK752, RBK852, RBR750, RBR850, RBS750, RBS850, RS400, XR1000, and XR300 lies in insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

9.6CVSS8.1AI score0.02366EPSS

Exploits0References3Affected Software39

BDU FSTEC•added 2022/01/25 12:0 a.m.•7 views

The vulnerability of the embedded software for routers such as D7800, EX6200v2, EX6250, EX7700, EX8000, LBR20, R7800, R8900, R9000, RAX120, RBS50Y, WNR2000v5, XR450, XR500, XR700, EX6150v2, EX7300, EX7320, EX6100v2, EX6400, EX7300v2, EX6410, RBR10, RBR20, RBR40, RBR50, and EX6420 lies in insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

9.6CVSS8.1AI score0.0202EPSS

Exploits0References3Affected Software36

CNNVD•added 2022/01/13 12:0 a.m.•4 views

Qnap QcalAgent 跨站脚本漏洞

Qnap QcalAgent is a time management center from China Weilian Technology Qnap. It is used to manage personal schedules, share calendars with others, and share each other's schedules. QNAP QcalAgent suffers from a cross-site scripting vulnerability that stems from insufficient cleaning of...

6.1CVSS6.3AI score0.00697EPSS

Exploits0References3

BDU FSTEC•added 2019/03/27 12:0 a.m.•3 views

The vulnerability of the SetQoSSettings() function in D-Link’s microprogramming router software allows a hacker to execute arbitrary code.

The vulnerability of the SetQoSSettings function in D-Link router software relates to insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.06408EPSS

Exploits1References3Affected Software1

BDU FSTEC•added 2019/03/27 12:0 a.m.•3 views

The vulnerability of the SetIPv6FirewallSettings() function in the D-Link router’s software allows a hacker to execute arbitrary code.

The vulnerability of the SetIPv6FirewallSettings function in the D-Link router’s software interface is related to insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.06408EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by