CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3447 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-54535

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00058EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-8570

Malicious code in bioql PyPI...

6.5CVSS9AI score0.00277EPSS

Exploits0References2

NVD•added 2025/10/03 12:15 p.m.•2 views

CVE-2025-9333

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

5.5CVSS0.00028EPSS

Exploits0References2

NVD•added 2025/10/03 12:15 p.m.•2 views

CVE-2025-9372

The Ultimate Multi Design Video Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject...

5.5CVSS0.0003EPSS

Exploits0References2

NVD•added 2025/10/03 12:15 p.m.•2 views

CVE-2025-10053

The TableGen – Data Table Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00021EPSS

Exploits0References2

EUVD•added 2025/10/03 11:17 a.m.•1 views

EUVD-2025-32261

5.5CVSS4.6AI score0.0003EPSS

Exploits0References3

Cvelist•added 2025/10/03 11:17 a.m.•6 views

CVE-2025-9372 Ultimate Multi Design Video Carousel <= 1.4 - Authenticated (Editor+) Stored Cross-Site Scripting

5.5CVSS0.0003EPSS

Exploits0References2

CVE•added 2025/10/03 11:17 a.m.•10 views

CVE-2025-9372

CVE-2025-9372 documents a stored XSS vulnerability in WordPress plugin Ultimate Multi Design Video Carousel (versions ≤ 1.4) caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at editor level and affects multi-site installations or sites wher...

5.5CVSS4.7AI score0.0003EPSS

Exploits0References2

Cvelist•added 2025/10/03 11:17 a.m.•4 views

CVE-2025-10053 TableGen – Data Table Generator <= 1.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS0.00021EPSS

Exploits0References2

EUVD•added 2025/10/03 11:17 a.m.•2 views

EUVD-2025-32266

4.4CVSS4.5AI score0.00021EPSS

Exploits0References3

Vulnrichment•added 2025/10/03 11:17 a.m.•2 views

CVE-2025-10053 TableGen – Data Table Generator <= 1.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS4.7AI score0.00021EPSS

Exploits0References2

CVE•added 2025/10/03 11:17 a.m.•9 views

CVE-2025-9332

CVE-2025-9332 involves the WordPress plugin Interactive Human Anatomy with Clickable Body Parts (vulnerable up to and including 2.6). The issue is a stored XSS triggered by insufficient input sanitization and output escaping in admin settings, exploitable by authenticated attackers with administr...

5.5CVSS4.7AI score0.00028EPSS

Exploits0References2

Vulnrichment•added 2025/10/03 11:17 a.m.•1 views

CVE-2025-9332 Interactive Medical Drawing of Human Body <= 2.6 - Authenticated (Admin+) Stored Cross-Site Scripting

The Interactive Human Anatomy with Clickable Body Parts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...

5.5CVSS4.7AI score0.00028EPSS

Exploits0References2

EUVD•added 2025/10/03 11:17 a.m.•1 views

EUVD-2025-32276

5.5CVSS4.6AI score0.00028EPSS

Exploits0References3

Cvelist•added 2025/10/03 11:17 a.m.•5 views

CVE-2025-9332 Interactive Medical Drawing of Human Body <= 2.6 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5CVSS0.00028EPSS

Exploits0References2

Vulnrichment•added 2025/10/03 11:17 a.m.•1 views

CVE-2025-9333 Smart Docs <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5CVSS4.7AI score0.00028EPSS

Exploits0References2

Cvelist•added 2025/10/03 11:17 a.m.•6 views

CVE-2025-9333 Smart Docs <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5CVSS0.00028EPSS

Exploits0References2

CVE•added 2025/10/03 11:17 a.m.•11 views

CVE-2025-9333

CVE-2025-9333 affects the WordPress plugin Smart Docs. The vulnerability is a Stored Cross-Site Scripting flaw in admin settings for versions up to and including 1.1.1, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access with administrator-lev...

5.5CVSS4.7AI score0.00028EPSS

Exploits0References2

Positive Technologies•added 2025/10/03 12:0 a.m.•2 views

PT-2025-40496

Name of the Vulnerable Software and Affected Versions The Ultimate Multi Design Video Carousel plugin for WordPress versions prior to 1.5 Description The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping. This allows authenticated...

5.5CVSS5.4AI score0.0003EPSS

Exploits0References4

Positive Technologies•added 2025/10/03 12:0 a.m.•1 views

PT-2025-40466

Name of the Vulnerable Software and Affected Versions TableGen – Data Table Generator plugin for WordPress versions prior to 1.3.2 Description The software is susceptible to Stored Cross-Site Scripting through admin settings. Insufficient input sanitization and output escaping allow authenticated...

4.4CVSS5.4AI score0.00021EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by