CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

110 matches found

RedhatCVE•added 2026/01/24 3:17 p.m.•4 views

CVE-2026-24587

Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through = 0.10.210305...

5.4CVSS5.4AI score0.00265EPSS

Exploits0References1

NVD•added 2026/01/23 3:16 p.m.•7 views

CVE-2026-24587

5.4CVSS0.00265EPSS

Exploits0References1

CVE•added 2026/01/23 2:29 p.m.•13 views

CVE-2026-24587

CVE-2026-24587 affects the WordPress plugin AJAX Hits Counter + Popular Posts Widget (ajax-hits-counter). Connected sources confirm a Missing Authorization / Broken Access Control vulnerability in this plugin, affecting versions up to and including 0.10.210305. Core details from Red Hat/NVD/CVE l...

5.4CVSS5.4AI score0.00265EPSS

Exploits0References1

Vulnrichment•added 2026/01/23 2:29 p.m.•3 views

CVE-2026-24587 WordPress AJAX Hits Counter + Popular Posts Widget plugin <= 0.10.210305 - Broken Access Control vulnerability

5.4CVSS5.4AI score0.00265EPSS

Exploits0References1

ATTACKERKB•added 2026/01/23 2:29 p.m.•3 views

CVE-2026-24587

5.4CVSS5.9AI score0.00265EPSS

Exploits0References2

Cvelist•added 2026/01/23 2:29 p.m.•28 views

CVE-2026-24587 WordPress AJAX Hits Counter + Popular Posts Widget plugin <= 0.10.210305 - Broken Access Control vulnerability

5.4CVSS0.00265EPSS

Exploits0References1

Positive Technologies•added 2026/01/23 12:0 a.m.•7 views

PT-2026-4424

Name of the Vulnerable Software and Affected Versions kutsy AJAX Hits Counter + Popular Posts Widget versions through 0.10.210305 Description An issue exists in kutsy AJAX Hits Counter + Popular Posts Widget related to incorrectly configured access control security levels, potentially allowing...

5.4CVSS5.3AI score0.00265EPSS

Exploits0References3

CNNVD•added 2026/01/23 12:0 a.m.•5 views

WordPress plugin AJAX Hits Counter + Popular Posts Widget security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.4CVSS5.8AI score0.00265EPSS

Exploits0References1

Patchstack•added 2026/01/18 10:28 a.m.•6 views

WordPress AJAX Hits Counter + Popular Posts Widget plugin <= 0.10.210305 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin AJAX Hits Counter + Popular Posts Widget versions = 0.10.210305...

5.4CVSS5.4AI score0.00265EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/10/28 1:34 a.m.•3 views

CVE-2025-62900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WeblineIndia Popular Posts by Webline popular-posts-by-webline allows Stored XSS.This issue affects Popular Posts by Webline: from n/a through = 1.1.1...

6.5CVSS6AI score0.00191EPSS

Exploits0References1

EUVD•added 2025/10/27 3:30 a.m.•3 views

EUVD-2025-36038

5.5AI score0.00191EPSS

Exploits0References2

NVD•added 2025/10/27 2:15 a.m.•4 views

CVE-2025-62900

6.5CVSS0.00191EPSS

Exploits0References1

Vulnrichment•added 2025/10/27 1:33 a.m.•4 views

CVE-2025-62900 WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.6AI score0.00191EPSS

Exploits0References1

Cvelist•added 2025/10/27 1:33 a.m.•8 views

CVE-2025-62900 WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00191EPSS

Exploits0References1

CVE•added 2025/10/27 1:33 a.m.•7 views

CVE-2025-62900

CVE-2025-62900 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Popular Posts by Webline” (Webline popular-posts-by-webline) affecting versions up to and including 1.1.1. The issue is caused by improper neutralization of input during web page generation, enabling stor...

6.5CVSS5.6AI score0.00191EPSS

Exploits0References1

Positive Technologies•added 2025/10/27 12:0 a.m.•4 views

PT-2025-43779

5.4CVSS6AI score0.00191EPSS

Exploits0References2

CNNVD•added 2025/10/27 12:0 a.m.•4 views

WordPress plugin Popular Posts by Webline Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.7AI score0.00191EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2021-23448

Malware in sbrugna...

5.5CVSS5.4AI score0.00566EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2931

Malicious code in bioql PyPI...

7.1CVSS9.1AI score0.00148EPSS

Exploits0References2