CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

96 matches found

WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting

WordPress The Plus Addons for Elementor plugin before 4.1.12 is susceptible to cross-site scripting. The plugin does not properly sanitize some of its fields in the heplusmorepost AJAX action, which is exploitable by both unauthenticated and authenticated users. An attacker can inject arbitrary...

6.1CVSS6AI score0.12429EPSS

Exploits2References5

Nuclei•added 16 hours ago•24 views

Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect

WordPress Plus Addons for Elementor Page Builder before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an open redirect issue. id: CVE-2021-24358 info: name: Plus Addons for Elementor Page Builder 4.1.10 - Open Redirect...

6.1CVSS6.1AI score0.05164EPSS

Exploits2References4

RedhatCVE•added 2026/04/14 7:23 p.m.•1 views

CVE-2026-39516

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.7.0...

5.3CVSS5.8AI score0.00039EPSS

Exploits0References1

NVD•added 2026/04/08 9:16 a.m.•4 views

CVE-2026-39516

5.3CVSS0.00039EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•0 views

CVE-2024-50452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through = 3.3.3...

6.5CVSS5.5AI score0.00137EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•2 views

CVE-2026-24377

4.3CVSS5.4AI score0.0005EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•2 views

CVE-2026-24377

4.3CVSS0.0005EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•2 views

CVE-2026-24377

7.5CVSS5.4AI score0.0005EPSS

Exploits0References2

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4263

5.4AI score0.0005EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:34 p.m.•5 views

CVE-2023-45657

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...

9.8CVSS8.9AI score0.1119EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•2 views

CVE-2023-45751

Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...

9.1CVSS7.6AI score0.00483EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•4 views

CVE-2023-45750

Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...

7.1CVSS5.9AI score0.00193EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•2 views

CVE-2025-69362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH UiChemy uichemy allows Stored XSS.This issue affects UiChemy: from n/a through = 4.4.2...

5.9CVSS0.00059EPSS

Exploits0References1

Positive Technologies•added 2026/01/06 12:0 a.m.•2 views

PT-2026-1489

Name of the Vulnerable Software and Affected Versions POSIMYTH UiChemy versions through 4.4.2 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means malicious scripts can be stored on the...

6.5CVSS5.9AI score0.00059EPSS

Exploits0References4

RedhatCVE•added 2025/10/23 3:13 p.m.•2 views

CVE-2025-62013

Missing Authorization vulnerability in POSIMYTH UiChemy uichemy.This issue affects UiChemy: from n/a through = 4.0.0...

4.3CVSS7AI score0.00036EPSS

Exploits0References1