CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6239 matches found

NVD•added 2025/01/16 9:15 p.m.•3 views

CVE-2025-23868

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mliebelt Chess Tempo Viewer chesstempoviewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through = 0.9.5...

6.5CVSS0.00357EPSS

Exploits0References1

NVD•added 2025/01/16 9:15 p.m.•4 views

CVE-2025-23760

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1...

7.1CVSS0.00396EPSS

Exploits0References1

CVE•added 2025/01/16 8:8 p.m.•55 views

CVE-2025-23947

CVE-2025-23947 : Stored XSS in WP-Player (WordPress plugin). Root cause: improper input neutralization during web page generation. Affected: WP-Player versions from n/a up to 2.6.1. Public details in RH/Red Hat and Wordfence entries confirm the vulnerability; no public fixes/versioned remediation...

6.5CVSS7.2AI score0.0022EPSS

Exploits0References1

CVE•added 2025/01/16 8:7 p.m.•33 views

CVE-2025-23886

CVE-2025-23886 is an Improper Neutralization of Input During Web Page Generation (Stored XSS) affecting the WordPress plugin Annie by Chris Roberts. Affected range: Annie from n/a through 2.1.1. Public references describe the vulnerability as Stored XSS, not Exploitation details. Red Hat and Word...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:7 p.m.•5 views

CVE-2025-23860 WordPress Charity-thermometer plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crea8xion Charity-thermometer charitydonation-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through = 1.1.2...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

CVE•added 2025/01/16 8:7 p.m.•41 views

CVE-2025-23860

CVE-2025-23860 is a Stored XSS in Eyouth { rob.panes } Charity-thermometer affecting Charity-thermometer versions from n/a up to 1.1.2. The Red Hat entry repeats the same description; Wordfence notes Unpatched status for the Charity-thermometer vulnerability and lists SOPROBRO as researcher. No p...

6.5CVSS7.2AI score0.00357EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•13 views

CVE-2025-23825 WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osuthorpe Easy Shortcode Buttons easy-shortcode-buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through = 1.2...

6.5CVSS0.00272EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:6 p.m.•12 views

CVE-2025-23511 WordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stargazer WP-BlackCheck wp-blackcheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through = 2.7.2...

7.1CVSS0.00195EPSS

Exploits0References1

Patchstack•added 2025/01/16 6:42 p.m.•4 views

WordPress Mojo Under Construction Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Mojo Under Construction versions = 1.1.2...

7.1CVSS6.1AI score0.00363EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•3 views

WordPress Bauernregeln Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Bauernregeln versions = 1.0.1...

7.1CVSS6.1AI score0.00211EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•5 views

WordPress Marmoset Viewer plugin <= 1.9.3 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Marmoset Viewer versions = 1.9.3...

6.5CVSS5.8AI score0.00301EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•3 views

WordPress Affiliate Tools Việt Nam plugin <= 0.3.17 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Affiliate Tools Việt Nam versions = 0.3.17...

7.1CVSS6.1AI score0.00236EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•3 views

WordPress Easy Filtering plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Easy Filtering versions = 2.5.0...

7.1CVSS6.1AI score0.00332EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:42 p.m.•2 views

WordPress University Quizzes Online plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin University Quizzes Online versions = 1.4...

7.1CVSS6.1AI score0.00236EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:41 p.m.•2 views

WordPress BizLibrary plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin BizLibrary versions = 1.1...

7.1CVSS6.1AI score0.00241EPSS

Exploits0Affected Software1

Patchstack•added 2025/01/16 6:41 p.m.•2 views

WordPress Easy Tynt plugin <= 0.2.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Easy Tynt versions = 0.2.5.1...

7.1CVSS5.9AI score0.00195EPSS

Exploits0Affected Software1

Positive Technologies•added 2025/01/16 12:0 a.m.•3 views

PT-2025-5228 · Unknown · Divengine Gallery

Name of the Vulnerable Software and Affected Versions: DivEngine Gallery: Hybrid – Advanced Visual Gallery versions 1.4.0.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This means an...

6.5CVSS9.1AI score0.0022EPSS

Exploits0References5

Positive Technologies•added 2025/01/16 12:0 a.m.•5 views

PT-2025-5088 · Eortologio.Net · Carrotbits Greek Namedays Widget

Name of the Vulnerable Software and Affected Versions: carrotbits Greek Namedays Widget From Eortologio.Net versions from n/a through 20191113 Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This means...

6.5CVSS9AI score0.00287EPSS

Exploits0References4

NVD•added 2025/01/15 4:15 p.m.•10 views

CVE-2025-22780

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrey wp-pano wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through = 1.17...

6.5CVSS0.00218EPSS

Exploits0References1

NVD•added 2025/01/15 4:15 p.m.•3 views

CVE-2025-22750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Patel Post Carousel & Slider post-types-carousel-slider allows Reflected XSS.This issue affects Post Carousel & Slider: from n/a through = 1.0.4...

7.1CVSS0.00322EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by