CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•6 views

EUVD-2026-33925

4.3CVSS6AI score0.00029EPSS

GithubExploit•added 5 days ago•51 views

web-vulnerability-scanner_project

web-vulnerability-scannerprojec...

5.9AI score

Exploits0

NVD•added 5 days ago•9 views

CVE-2026-42685

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

Patchstack•added 5 days ago•6 views

WordPress Passeum Ticketing plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by KEVIN LEE crattack - OPCIA in WordPress Plugin Passeum Ticketing versions = 1.0...

4.4CVSS5.8AI score0.00033EPSS

Exploits0References1Affected Software1

CVE•added 5 days ago•12 views

CVE-2026-42685

The CVE-2026-42685 entry concerns the WordPress plugin WP Job Portal (versions up to 2.5.1). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during page generation. Affected product: WP Job Portal. Root cause: insufficient input handlin...

Cvelist•added 5 days ago•32 views

CVE-2026-42685 WordPress WP Job Portal plugin <= 2.5.1 - Cross Site Scripting (XSS) vulnerability

EUVD•added 5 days ago•7 views

EUVD-2026-33910

ATTACKERKB•added 5 days ago•10 views

CVE-2026-42685

Vulnrichment•added 5 days ago•8 views

CVE-2026-42685 WordPress WP Job Portal plugin <= 2.5.1 - Cross Site Scripting (XSS) vulnerability

NVD•added 5 days ago•8 views

CVE-2026-34907

Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting XSS due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim opens the link, the...

5.1CVSS0.00047EPSS

NVD•added 5 days ago•9 views

CVE-2025-52759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...

Nuclei•added 5 days ago•58 views

Microsoft Exchange Server - Cross-Site Scripting

Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refurl parameter of frowny.asp. id: CVE-2021-31195 info: name: Microsoft Exchange Server - Cross-Site Scripting author: infosecsanyam severity: medium description: Microsoft Exchange Server, or OWA, is...

8.8CVSS7AI score0.79828EPSS

Exploits3References5

Nuclei•added 5 days ago•24 views

Simple URLs < 115 - Cross Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-0099 info: name: Simple URLs 115 - Cross Site Scripting author: r3Y3r53 severit...

6.1CVSS6.3AI score0.70054EPSS

Exploits6References5

Vulnrichment•added 5 days ago•10 views

CVE-2025-52759 WordPress Accordion FAQ plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

EUVD•added 5 days ago•6 views

EUVD-2025-210033

Cvelist•added 5 days ago•33 views

CVE-2025-52759 WordPress Accordion FAQ plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

ATTACKERKB•added 5 days ago•8 views

CVE-2025-52759

CVE•added 5 days ago•11 views

CVE-2025-52759

CVE-2025-52759 describes a Reflected XSS in the WordPress Accordion FAQ plugin (UnboundStudio) for versions <= 2.2.1, caused by improper neutralization of input during web page generation. According to the connected records, the affected component is the plugin’s input handling (Accordion FAQ)...