Watu Quiz < 3.4.1.1 - Sensitive Information Disclosure
Description: The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta...
WordPress Meta Data and Taxonomies Filter (MDTF) < 1.3.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Description: The WordPress Meta Data and Taxonomies Filter (MDTF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Meta Data and Taxonomies Filter (MDTF) < 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description: The WordPress Meta Data and Taxonomies Filter (MDTF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-30457
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF). This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.1...
CVE-2024-1858 Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authenticated (Contributor+) PHP Object Injection
The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.9 via deserialization of untrusted input through post meta data. This makes it possible for authenticated attackers, with contributor-level access...
PT-2024-23386 · WordPress · Wordpress Meta Data/Taxonomies Filter
Name of the Vulnerable Software and Affected Versions: WordPress Meta Data and Taxonomies Filter (MDTF) versions 1.3.3.1 and earlier
Description: A Cross-Site Request Forgery (CSRF) issue affects the WordPress Meta Data and Taxonomies Filter (MDTF) plugin. This allows an attacker to perform unintended...
Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authenticated (Contributor+) PHP Object Injection
Description: The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.9 via deserialization of untrusted input through post meta data. This makes it possible for authenticated attackers, with...
CVE-2024-29763
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS. This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3...
CVE-2024-29763
Technical details for CVE-2024-29763 are not provided in the supplied documents. No vendor/product/version specifics or impact information are disclosed here. Monitor for official updates and additional disclosures.
CVE-2024-29932
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS. This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2...
CVE-2024-29932 WordPress WordPress Meta Data and Taxonomies Filter (MDTF) plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS. This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2...
CVE-2024-29906
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS. This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2...
PT-2024-23156 · WordPress · Wordpress Meta Data/Taxonomies Filter
Name of the Vulnerable Software and Affected Versions: WordPress Meta Data and Taxonomies Filter (MDTF) versions 1.3.2 and earlier
Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This mean...
WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Software: WordPress Meta Data and Taxonomies Filter (MDTF); Type: Plugin; Vulnerable versions: <= 1.3.2; Fixed in: 1.3.3; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29932; Patch priority: Low; CVSS severity: Low (6.5); PSID: 391da759025d; Credits: Yudisti...
WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Software: WordPress Meta Data and Taxonomies Filter (MDTF); Type: Plugin; Vulnerable versions: <= 1.3.2; Fixed in: 1.3.3; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29906; Patch priority: Low; CVSS severity: Low (5.9); PSID: 19338c850285; Credits...
CVE-2024-23523 WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro. This issue affects Elementor Pro: from n/a through 3.19.2...