3946 matches found

RedhatCVE
added 2025/03/29 11:39 a.m., 4 views

CVE-2025-30846

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through <= 2.4.4...

CVSS 8.8, AI score 7.2, EPSS 0.00643
Exploits 0, References 1
OSV
added 2025/03/28 10:15 p.m., 7 views

CVE-2024-58128

In MISP before 2.4.193, menu_custom_right_link parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks via a global menu link...

CVSS 4.8, AI score 6.2
Exploits 0, References 2
CNNVD
added 2025/03/28 12:0 a.m., 1 views

MISP security vulnerability

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.193...

CVSS 5.5, AI score 6.1, EPSS 0.00193
Exploits 0, References 2
CVE
added 2025/03/28 12:0 a.m., 56 views

CVE-2024-58128

CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...

CVSS 5.5, AI score 6.2, EPSS 0.00193
Exploits 0, References 2, Affected Software 1
OSV
added 2025/03/27 2:15 p.m., 3 views

CVE-2025-2852

A vulnerability has been found in SourceCodester Food Ordering Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menus/viewmenu.php. The manipulation of the argument ID leads to sql injection. The attack can be...

CVSS 5.1, AI score 5.7, EPSS 0.0035
Exploits 1, References 5
Patchstack
added 2025/03/27 11:17 a.m., 3 views

WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery (CSRF) to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Float menu versions <= 6.1.2...

CVSS 5.4, AI score 6.9, EPSS 0.0017
Exploits 0, Affected Software 1
ATTACKERKB
added 2025/03/27 11:15 a.m., 1 views

CVE-2025-30912

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through <= 6.1.2...

CVSS 5.4, AI score 7.2, EPSS 0.0017
Exploits 0, References 3
NVD
added 2025/03/27 11:15 a.m., 11 views

CVE-2025-30912

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through <= 6.1.2...

CVSS 5.4, EPSS 0.0017
Exploits 0, References 1
NVD
added 2025/03/27 11:15 a.m., 4 views

CVE-2025-30846

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through <= 2.4.4...

CVSS 8.8, EPSS 0.00643
Exploits 0, References 1
Patchstack
added 2025/03/27 11:5 a.m., 2 views

WordPress Restaurant Menu by MotoPress plugin <= 2.4.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by muhammad yudha in WordPress Plugin Restaurant Menu by MotoPress versions <= 2.4.4...

CVSS 8.8, AI score 7, EPSS 0.00643
Exploits 0, Affected Software 1
Vulnrichment
added 2025/03/27 10:55 a.m., 4 views

CVE-2025-30912 WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through <= 6.1.2...

CVSS 5.4, AI score 7.3, EPSS 0.0017
Exploits 0, References 1
CVE
added 2025/03/27 10:55 a.m., 62 views

CVE-2025-30912

CVE-2025-30912 is a CSRF vulnerability in the Float menu WordPress plugin. Affected: Float menu versions up to 6.1.2 (initial doc lists the range). The issue permits Cross-Site Request Forgery to change settings; impact per CVSS includes no confidentiality loss, partial integrity, and partial ava...

CVSS 5.4, AI score 7.2, EPSS 0.0017
Exploits 0, References 1
Cvelist
added 2025/03/27 10:55 a.m., 12 views

CVE-2025-30912 WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through <= 6.1.2...

CVSS 5.4, EPSS 0.0017
Exploits 0, References 1
Vulnrichment
added 2025/03/27 10:55 a.m., 4 views

CVE-2025-30846 WordPress Restaurant Menu by MotoPress plugin <= 2.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through <= 2.4.4...

CVSS 8.8, AI score 7.4, EPSS 0.00643
Exploits 0, References 1
CVE
added 2025/03/27 10:55 a.m., 46 views

CVE-2025-30846

CVE-2025-30846 — In the WordPress plugin Restaurant Menu by MotoPress, there is an improper validation in PHP include/require that enables a local file inclusion vulnerability. Affected: versions up to 2.4.4. The vulnerability is described as an authenticated Local File Inclusion (LFI) exposure;...

CVSS 8.8, AI score 7.2, EPSS 0.00643
Exploits 0, References 1
CNNVD
added 2025/03/27 12:0 a.m., 1 views

WordPress plugin Float menu cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

CVSS 5.4, AI score 8.5, EPSS 0.0017
Exploits 0, References 2
RedhatCVE
added 2025/03/26 2:39 p.m., 5 views

CVE-2025-30527

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetoolbox My Bootstrap Menu my-bootstrap-menu allows Stored XSS. This issue affects My Bootstrap Menu: from n/a through <= 1.2.1...

CVSS 5.9, AI score 7.2, EPSS 0.00304
Exploits 0, References 1
RedhatCVE
added 2025/03/26 2:34 p.m., 5 views

CVE-2025-30543

Missing Authorization vulnerability in swayam.tejwani Menu Duplicator copy-menu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Menu Duplicator: from n/a through <= 1.0...

CVSS 4.3, AI score 7.2, EPSS 0.00346
Exploits 0, References 1
RedhatCVE
added 2025/03/26 2:31 p.m., 5 views

CVE-2025-30560

Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS. This issue affects jQuery Dropdown Menu: from n/a through <= 3.0...

CVSS 7.1, AI score 7.2, EPSS 0.00173
Exploits 0, References 1
vulnersOsv
added 2025/03/25 2:0 p.m., 6 views

1food-menu (>=0.0.1 <=0.2.3), 7qb-cli (=2.0.0) +2710 more potentially affected by CVE-2025-30208 via vite (>=0.14.4 <=4.5.1)

vite NPM version =0.14.4, =0.0.1, =1.0.0, =4.0.61, =4.0.61, =4.0.61, =4.0.61, =0.0.3, =1.0.1, =1.0.12, =0.0.4, =1.0.1, =1.0.7 and more Source cves: CVE-2025-30208 Source advisory: OSV:GHSA-X574-M823-4X7W...

CVSS 7.5, AI score 6.5, EPSS 0.78572
Exploits 28