CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

96 matches found

Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect

WordPress Plus Addons for Elementor Page Builder before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an open redirect issue. id: CVE-2021-24358 info: name: Plus Addons for Elementor Page Builder 4.1.10 - Open Redirect...

6.1CVSS6.2AI score0.02295EPSS

Exploits2References4

Nuclei•added yesterday•31 views

WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting

WordPress The Plus Addons for Elementor plugin before 4.1.12 is susceptible to cross-site scripting. The plugin does not properly sanitize some of its fields in the heplusmorepost AJAX action, which is exploitable by both unauthenticated and authenticated users. An attacker can inject arbitrary...

6.1CVSS5.8AI score0.02483EPSS

Exploits2References5

RedhatCVE•added 2026/04/14 7:23 p.m.•3 views

CVE-2026-39516

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.7.0...

5.3CVSS5.8AI score0.0024EPSS

Exploits0References1

NVD•added 2026/04/08 9:16 a.m.•6 views

CVE-2026-39516

5.3CVSS0.0024EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•4 views

CVE-2024-50452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through = 3.3.3...

6.5CVSS5.5AI score0.00215EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•4 views

CVE-2026-24377

4.3CVSS5.4AI score0.0018EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•3 views

CVE-2026-24377

4.3CVSS0.0018EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•4 views

CVE-2026-24377

7.5CVSS5.4AI score0.0018EPSS

Exploits0References2

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4263

5.4AI score0.0018EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:34 p.m.•6 views

CVE-2023-45657

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...

9.8CVSS8.9AI score0.01284EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•4 views

CVE-2023-45751

Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...

9.1CVSS7.6AI score0.00577EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•5 views

CVE-2023-45750

Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...

7.1CVSS5.9AI score0.00437EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•3 views

CVE-2025-69362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH UiChemy uichemy allows Stored XSS.This issue affects UiChemy: from n/a through = 4.4.2...

5.9CVSS0.00138EPSS

Exploits0References1

Positive Technologies•added 2026/01/06 12:0 a.m.•5 views

PT-2026-1489

Name of the Vulnerable Software and Affected Versions POSIMYTH UiChemy versions through 4.4.2 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means malicious scripts can be stored on the...

6.5CVSS5.9AI score0.00138EPSS

Exploits0References4

RedhatCVE•added 2025/10/23 3:13 p.m.•3 views

CVE-2025-62013

Missing Authorization vulnerability in POSIMYTH UiChemy uichemy.This issue affects UiChemy: from n/a through = 4.0.0...

4.3CVSS7AI score0.00225EPSS

Exploits0References1