CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Patchstack•added 2026/04/16 9:15 a.m.•2 views

WordPress Career Section plugin <= 1.6 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by Ivan Cese in WordPress Plugin Career Section versions = 1.6...

8.8CVSS5.8AI score0.00412EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/02/07 12:7 a.m.•7 views

WordPress The Bucketlister plugin <= 0.1.5 - Authenticated (Contributor+) SQL Injection via `category` and `id` Shortcode Attributes vulnerability

Authenticated Contributor+ SQL Injection via category and id Shortcode Attributes vulnerability discovered by Ivan Cese in WordPress Plugin The Bucketlister versions = 0.1.5...

6.5CVSS5.7AI score0.00217EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/01/13 10:23 p.m.•6 views

WordPress PDF Resume Parser plugin <= 1.0 - Unauthenticated Sensitive Information Disclosure in SMTP Credentials vulnerability

Unauthenticated Sensitive Information Disclosure in SMTP Credentials vulnerability discovered by Ivan Cese in WordPress Plugin PDF Resume Parser versions = 1.0...

5.3CVSS6.6AI score0.00323EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/25 12:4 a.m.•4 views

WordPress ProjectList plugin <= 0.3.0 - Authenticated (Editor+) SQL Injection via 'id' Parameter vulnerability

Authenticated Editor+ SQL Injection via 'id' Parameter vulnerability discovered by Ivan Cese in WordPress Plugin ProjectList versions = 0.3.0...

4.9CVSS8.1AI score0.00259EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/17 11:55 p.m.•6 views

WordPress Simple User Import Export plugin <= 1.1.7 - Authenticated (Admin+) CSV Injection vulnerability

Authenticated Admin+ CSV Injection vulnerability discovered by Ivan Cese in WordPress Plugin Simple User Import Export versions = 1.1.7...

6.6CVSS7.2AI score0.00237EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/17 11:16 p.m.•5 views

WordPress Top Friends plugin <= 0.3 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Ivan Cese in WordPress Plugin Top Friends versions = 0.3...

4.3CVSS7.1AI score0.00106EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/17 11:3 p.m.•5 views

WordPress Local Syndication plugin <= 1.5a - Authenticated (Contributor+) Server-Side Request Forgery via Shortcode vulnerability

Authenticated Contributor+ Server-Side Request Forgery via Shortcode vulnerability discovered by Ivan Cese in WordPress Plugin Local Syndication versions = 1.5a...

6.4CVSS7.1AI score0.00205EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/17 10:51 p.m.•4 views

WordPress CSV to SortTable plugin <= 4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ivan Cese in WordPress Plugin CSV to SortTable versions = 4.2...

6.4CVSS5.8AI score0.00162EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by