CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-37545

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00185EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-13722

Malicious code in bioql PyPI...

7.1CVSS7.6AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:24 p.m.•4 views

CVE-2025-47685

Cross-Site Request Forgery CSRF vulnerability in Moloni Contribuinte Checkout contribuinte-checkout allows Stored XSS.This issue affects Contribuinte Checkout: from n/a through = 2.0.03...

7.1CVSS7.2AI score0.0008EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•11 views

CVE-2025-47685

Cross-Site Request Forgery CSRF vulnerability in Moloni Contribuinte Checkout contribuinte-checkout allows Stored XSS.This issue affects Contribuinte Checkout: from n/a through = 2.0.03...

7.1CVSS0.0008EPSS

Exploits0References1

CVE•added 2025/05/07 2:20 p.m.•43 views

CVE-2025-47685

CVE-2025-47685 affects the WordPress plugin Contribuinte Checkout (versions up to and including 2.0.02). It combines CSRF to enable Stored XSS in the plugin. The CVSS v3.1 base score is 7.1 (HIGH) with network attack vector, requiring user interaction, and impacts to confidentiality, integrity, a...

7.1CVSS7.2AI score0.0008EPSS

Exploits0References1

Positive Technologies•added 2025/05/07 12:0 a.m.•1 views

PT-2025-20227 · Unknown · Moloni Contribuinte Checkout

Name of the Vulnerable Software and Affected Versions: Moloni Contribuinte Checkout versions n/a through 2.0.02 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

7.1CVSS7.5AI score0.0008EPSS

Exploits0References4

NVD•added 2024/07/20 8:15 a.m.•15 views

CVE-2024-38694

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Moloni allows Reflected XSS.This issue affects Moloni: from n/a through 4.7.4...

7.1CVSS0.00185EPSS

Exploits0References1

Vulnrichment•added 2024/07/20 7:36 a.m.•13 views

CVE-2024-38694 WordPress Moloni plugin <= 4.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Moloni allows Reflected XSS.This issue affects Moloni: from n/a through 4.7.4...

7.1CVSS7AI score0.00185EPSS

Exploits0References1

Cvelist•added 2024/07/20 7:36 a.m.•16 views

CVE-2024-38694 WordPress Moloni plugin <= 4.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Moloni allows Reflected XSS.This issue affects Moloni: from n/a through 4.7.4...

7.1CVSS0.00185EPSS

Exploits0References1

CVE•added 2024/07/20 7:36 a.m.•41 views

CVE-2024-38694

CVE-2024-38694 is a Reflected XSS in the Moloni WordPress plugin (affected: up to version 4.7.4). Exploitable via improper input neutralization during web page generation. Remediation: upgrade to a version containing the fix (beyond 4.7.4) per the CVE details.

7.1CVSS7AI score0.00185EPSS

Exploits0References1

Positive Technologies•added 2024/07/20 12:0 a.m.•3 views

PT-2024-28138 · Moloni · Moloni

Name of the Vulnerable Software and Affected Versions: Moloni versions through 4.7.4 Description: The issue affects Moloni, allowing Reflected XSS due to improper neutralization of input during web page generation. This can lead to Cross-site Scripting. Recommendations: For versions through 4.7.4...

7.1CVSS5.8AI score0.00185EPSS

Exploits0References2

Patchstack•added 2024/07/11 9:13 a.m.•3 views

WordPress Moloni plugin <= 4.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Moloni versions = 4.7.4...

7.1CVSS6.1AI score0.00185EPSS

Exploits0Affected Software1

Patchstack•added 2024/07/11 12:0 a.m.•8 views

WordPress Moloni Plugin <= 4.7.4 is vulnerable to Cross Site Scripting (XSS)

Software Moloni Type Plugin Vulnerable versions = 4.7.4 Fixed in 4.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1c98bacc1ee Credits Yudistira Arya Required privilege...

7.1CVSS6.6AI score0.00185EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by