CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-24140

Malware in sbrugna...

8.8CVSS8.6AI score0.00964EPSS

Exploits1References4

RedhatCVE•added 2025/02/05 3:7 p.m.•8 views

CVE-2020-36698

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative dashboard. This makes...

8.8CVSS6.4AI score0.00964EPSS

Exploits1References1

OSV•added 2025/01/14 7:15 a.m.•5 views

CVE-2024-12365

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the isw3tcadminpage function in all versions up to, and including, 2.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain...

8.5CVSS5.9AI score0.01736EPSS

Exploits0References14

OSV•added 2024/12/27 3:0 p.m.•7 views

CLSA-2024-1735311613 php: Fix of 2 CVEs

CVE-2023-0567: fix issue causing passwordverify function to accept invalid Blowfish hashes as valid - CVE-2023-3247: fix issue with SOAP HTTP Digest Authentication random value generator not checking for failure, leading to disclosure of uninitialized memory and easier guessing of client's nonce...

8.1CVSS6.7AI score0.00944EPSS

Exploits1References1

NVD•added 2024/10/16 7:15 a.m.•16 views

CVE-2021-4446

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to perform...

6.3CVSS0.00252EPSS

Exploits0References2

OSV•added 2024/10/16 7:15 a.m.•4 views

CVE-2021-4446

4.3CVSS5.8AI score0.00252EPSS

Exploits0References2

Vulnrichment•added 2024/10/16 6:43 a.m.•13 views

CVE-2021-4446 Essential Addons for Elementor <= 4.6.4 - Missing Authorization

6.3CVSS6.8AI score0.00252EPSS

Exploits0References2

CVE•added 2024/10/16 6:43 a.m.•62 views

CVE-2021-4446

CVE-2021-4446 affects the WordPress plugin Essential Addons for Elementor (versions up to and including 4.6.4). The vulnerability is an authorization bypass caused by missing capability checks and nonce disclosure, enabling authenticated attackers with minimal privileges (e.g., a subscriber) to p...

6.3CVSS6.1AI score0.00252EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/10/16 6:43 a.m.•19 views

CVE-2021-4446 Essential Addons for Elementor <= 4.6.4 - Missing Authorization

6.3CVSS0.00252EPSS

Exploits0References2

Positive Technologies•added 2024/10/15 12:0 a.m.•4 views

PT-2024-11043 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to and including 4.6.4 Description: The issue is related to authorization bypass due to missing capability checks and nonce disclosure. This allows authenticated attackers wi...

6.3CVSS6.8AI score0.00252EPSS

Exploits0References11

NVD•added 2023/10/20 7:15 a.m.•20 views

CVE-2020-36698

8.8CVSS8.4AI score0.00964EPSS

Exploits1References3

OSV•added 2023/10/20 7:15 a.m.•3 views

CVE-2020-36698

8.8CVSS5.8AI score0.00964EPSS

Exploits1References3

Prion•added 2023/10/20 7:15 a.m.•23 views

Design/Logic Flaw

6.5CVSS8.2AI score0.00964EPSS

Exploits1References3Affected Software1

CVE•added 2023/10/20 6:35 a.m.•39 views

CVE-2020-36698

The CVE-2020-36698 entry affects the WordPress plugin Security & Malware scan by CleanTalk, vulnerable in versions up to 2.50 due to missing capability checks on several AJAX actions and nonce disclosure in the admin dashboard source. This allows authenticated attackers with subscriber-level perm...

8.8CVSS8.2AI score0.00964EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/10/20 6:35 a.m.•21 views

CVE-2020-36698 Security & Malware scan by CleanTalk <= 2.50 - Missing Authorization

8.8CVSS7.2AI score0.00964EPSS

Exploits1References3

Cvelist•added 2023/10/20 6:35 a.m.•24 views

CVE-2020-36698 Security & Malware scan by CleanTalk <= 2.50 - Missing Authorization

8.8CVSS8.4AI score0.00964EPSS

Exploits1References3

WPVulnDB•added 2023/01/27 12:0 a.m.•17 views

ContentStudio < 1.2.6 - Nonce Disclosure

The plugin discloses sensitive information to unauthenticated users, such as a nonce used to create a posts...

7.5CVSS5.5AI score0.00906EPSS

Exploits1Affected Software1

CNNVD•added 2022/11/08 12:0 a.m.•3 views

WordPress plugin SearchWP premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS5.2AI score0.00443EPSS

Exploits0References3

Tenable Nessus•added 2016/02/26 12:0 a.m.•51 views

Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCup22487)

The remote Cisco IOS XE device is missing a vendor-supplied security patch, and its web user interface is configured to use HTTPS. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library : - An error exists in the ssl3readbytes function that could allow data to ...

7.4CVSS7.4AI score0.95326EPSS

Exploits10References9

Tenable Nessus•added 2014/09/11 12:0 a.m.•60 views

EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-079)

The remote host is running a version of EMC Documentum Content Server that is affected by multiple vulnerabilities : - An error exists in the 'ssl3readbytes' function that permits data to be injected into other sessions or allows denial of service attacks. Note that this issue is exploitable only...

8.5CVSS8.7AI score0.99977EPSS

Exploits15References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by