CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Positive Technologies•added 2025/10/30 12:0 a.m.•3 views

PT-2025-44370

Name of the Vulnerable Software and Affected Versions Blocksy Companion plugin for WordPress versions up to and including 2.1.14 Description The Blocksy Companion plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'blocksy newsletter subscribe' shortcode. This is due t...

6.4CVSS5.2AI score0.00034EPSS

Exploits0References7

RedhatCVE•added 2025/10/12 3:31 a.m.•4 views

CVE-2025-9560

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibrinewsletter shortcode in all versions up to, and including, 1.0.334 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.9AI score0.00032EPSS

Exploits0References1

EUVD•added 2025/10/11 3:30 a.m.•1 views

EUVD-2025-33804

6.4CVSS4.5AI score0.00032EPSS

Exploits0References4

NVD•added 2025/10/11 3:15 a.m.•1 views

CVE-2025-9560

6.4CVSS0.00032EPSS

Exploits0References3

Vulnrichment•added 2025/10/11 2:24 a.m.•1 views

CVE-2025-9560 Colibri Page Builder <= 1.0.334 - Authenticated (Contributor+) Stored Cross-Site Scripting via colibri_newsletter Shortcode

6.4CVSS4.6AI score0.00032EPSS

Exploits0References3

CVE•added 2025/10/11 2:24 a.m.•8 views

CVE-2025-9560

CVE-2025-9560 relates to the WordPress plugin Colibri Page Builder (versions through 1.0.334). It describes a Stored XSS vulnerability in the colibri_newsletter shortcode due to insufficient input sanitization and output escaping. Exploitation requires authentication at contributor level or highe...

6.4CVSS4.6AI score0.00032EPSS

Exploits0References3

Positive Technologies•added 2025/10/11 12:0 a.m.•0 views

PT-2025-41631

Name of the Vulnerable Software and Affected Versions Colibri Page Builder plugin for WordPress versions through 1.0.334 Description The Colibri Page Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting through the colibri newsletter shortcode. This is due to inadequate inpu...

6.4CVSS5.3AI score0.00032EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-29692

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00066EPSS

Exploits0References6

NVD•added 2025/09/17 7:15 a.m.•1 views

CVE-2025-9565

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocksynewslettersubscribe shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.00066EPSS

Exploits0References5

Vulnrichment•added 2025/09/17 6:17 a.m.•1 views

CVE-2025-9565 Blocksy Companion <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via blocksy_newsletter_subscribe Shortcode

6.4CVSS4.7AI score0.00066EPSS

Exploits0References5

Positive Technologies•added 2025/09/17 12:0 a.m.•1 views

PT-2025-38124

Name of the Vulnerable Software and Affected Versions: Blocksy Companion plugin for WordPress versions up to and including 2.1.10 Description: The Blocksy Companion plugin for WordPress is susceptible to Stored Cross-Site Scripting through the blocksy newsletter subscribe shortcode. Insufficient...

6.4CVSS5AI score0.00066EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by