CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

Patchstack•added 2025/12/15 1:30 p.m.•3 views

WordPress Themify Portfolio Post plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Themify Portfolio Post versions = 1.3.0...

6.5CVSS6.1AI score0.00029EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/12/10 2:23 p.m.•0 views

CVE-2025-67533

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Portfolio Post themify-portfolio-post allows Stored XSS.This issue affects Themify Portfolio Post: from n/a through = 1.3.0...

7.1CVSS6AI score0.00029EPSS

Exploits0References1

EUVD•added 2025/12/09 6:30 p.m.•1 views

EUVD-2025-202111

5.5AI score0.00029EPSS

Exploits0References2

NVD•added 2025/12/09 4:18 p.m.•1 views

CVE-2025-67533

7.1CVSS0.00029EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:14 p.m.•16 views

CVE-2025-67533 WordPress Themify Portfolio Post plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00029EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:14 p.m.•1 views

CVE-2025-67533 WordPress Themify Portfolio Post plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

7.1CVSS5.6AI score0.00029EPSS

Exploits0References1

CVE•added 2025/12/09 2:14 p.m.•6 views

CVE-2025-67533

CVE-2025-67533 is a Stored XSS in Themify Portfolio Post (Themify Portfolio Post) affecting versions up to and including 1.3.0. The vulnerability arises from improper input neutralization during web page generation, enabling an attacker to inject malicious script that can execute in an authentica...

7.1CVSS5.6AI score0.00029EPSS

Exploits0References1

Positive Technologies•added 2025/12/09 12:0 a.m.•2 views

PT-2025-49909

6.5CVSS6AI score0.00029EPSS

Exploits0References3

CNNVD•added 2025/12/09 12:0 a.m.•1 views

WordPress plugin Themify Portfolio Post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

7.1CVSS5.8AI score0.00029EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-11043

Malware in sbrugna...

5.4CVSS5.5AI score0.00162EPSS

Exploits2References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-36036

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00181EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-12423

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00181EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 2:54 a.m.•0 views

CVE-2023-0362

Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS4.4AI score0.00181EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 1:12 a.m.•4 views

CVE-2022-32970

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Themify Themify Portfolio Post plugin = 1.2.4 versions...

5.4CVSS5.6AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:2 p.m.•5 views

CVE-2022-0200

Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the numofpages parameter before outputting it back the response of the themifycreatepopuppagepagination AJAX action available to any authenticated user, leading to a Reflected Cross-Site Scripting...

5.4CVSS6.4AI score0.00208EPSS

Exploits2References1