CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

EUVD•added 2026/04/22 9:31 a.m.•2 views

EUVD-2026-24644

The Quran Live Multilanguage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cheikh' and 'lang' shortcode attributes in all versions up to, and including, 1.0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Th...

6.4CVSS5.9AI score0.0002EPSS

Exploits0References14

RedhatCVE•added 2026/01/09 10:33 a.m.•6 views

CVE-2017-18434

cPanel before 64.0.21 allows code execution in the context of the root account via a SETVHOSTLANGPACKAGE multilang adminbin call SEC-237...

7.8CVSS7.5AI score0.00039EPSS

Exploits0References1

RedhatCVE•added 2025/10/28 1:33 a.m.•2 views

CVE-2025-62896

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

7.1CVSS6.6AI score0.00016EPSS

Exploits0References1

EUVD•added 2025/10/27 3:30 a.m.•0 views

EUVD-2025-36042

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

6.1AI score0.00016EPSS

Exploits0References2

NVD•added 2025/10/27 2:15 a.m.•0 views

CVE-2025-62896

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

7.1CVSS0.00016EPSS

Exploits0References1

CVE•added 2025/10/27 1:33 a.m.•4 views

CVE-2025-62896

CVE-2025-62896 concerns the WordPress plugin Multilang Contact Form (digitaldonkey) up to version 1.5. It describes a Cross-Site Request Forgery (CSRF) vulnerability that enables Stored XSS. The CVSS 3.1 analysis indicates an attack vector of NETWORK, with no privileges required, but user interac...

7.1CVSS6.3AI score0.00016EPSS

Exploits0References1

Cvelist•added 2025/10/27 1:33 a.m.•5 views

CVE-2025-62896 WordPress Multilang Contact Form plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

7.1CVSS0.00016EPSS

Exploits0References1

Vulnrichment•added 2025/10/27 1:33 a.m.•1 views

CVE-2025-62896 WordPress Multilang Contact Form plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

7.1CVSS6.3AI score0.00016EPSS

Exploits0References1

Positive Technologies•added 2025/10/27 12:0 a.m.•2 views

PT-2025-43775

Cross-Site Request Forgery CSRF vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Stored XSS.This issue affects Multilang Contact Form: from n/a through = 1.5...

8.8CVSS6.6AI score0.00016EPSS

Exploits0References2

CNNVD•added 2025/10/27 12:0 a.m.•1 views

WordPress plugin Multilang Contact Form 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in...

7.1CVSS6.1AI score0.00016EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-9550

Malware in sbrugna...

7.8CVSS7.7AI score0.00039EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-1766

Malware in sbrugna...

3.3CVSS4.2AI score0.00062EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-17261

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00423EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•8 views

EUVD-2025-3000

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00187EPSS

Exploits0References1

Patchstack•added 2025/09/26 10:26 a.m.•3 views

WordPress Multilang Contact Form plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Multilang Contact Form versions = 1.5...

8.8CVSS7AI score0.00016EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/06/08 1:19 p.m.•6 views

CVE-2025-49307

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magazine3 WP Multilang wp-multilang allows PHP Local File Inclusion.This issue affects WP Multilang: from n/a through = 2.4.19...

7.5CVSS5.9AI score0.00423EPSS

Exploits0References1

NVD•added 2025/06/06 1:15 p.m.•3 views

CVE-2025-49307

7.5CVSS0.00423EPSS

Exploits0References1

Cvelist•added 2025/06/06 12:53 p.m.•13 views

CVE-2025-49307 WordPress WP Multilang plugin <= 2.4.19 - Local File Inclusion Vulnerability

7.5CVSS0.00423EPSS

Exploits0References1

CVE•added 2025/06/06 12:53 p.m.•38 views

CVE-2025-49307

WP Multilang (WordPress plugin) is affected by CVE-2025-49307, an authenticated Local File Inclusion via PHP Include/Require (PHP Remote File Inclusion) in versions up to 2.4.19. The CVE entry indicates an authenticated context (Contributor+), with exploitation potential linked to LFI, resulting ...

7.5CVSS5.9AI score0.00423EPSS

Exploits0References1

Vulnrichment•added 2025/06/06 12:53 p.m.•7 views

CVE-2025-49307 WordPress WP Multilang <= 2.4.19 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion. This issue affects WP Multilang: from n/a through 2.4.19...

7.5CVSS7.4AI score0.00423EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by