206 matches found
CVE-2017-18494
The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues...
CVE-2020-12104
The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation...
CVE-2025-67930
CVE-2025-67930 : Reflected Cross-Site Scripting in the WordPress plugin eHive Search (formerly ehive-search) for versions
WordPress eHive Search plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin eHive Search versions = 2.5.0...
WordPress WP SEO Search plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by hhhai in WordPress Plugin WP SEO Search versions = 1.1...
CVE-2025-14298
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's thegemtesearch shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
Improper Certificate Validation
Overview org.elasticsearch.plugin:x-pack-security is an Elasticsearch Expanded Pack Plugin - Security Affected versions of this package are vulnerable to Improper Certificate Validation via the PKI realm. An attacker can impersonate other users by presenting specially crafted client certificates...
PT-2025-50822
The BUKAZU Search widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortcode' parameter of the 'bukazu search' shortcode in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
@avorati/strapi-plugin-preview (=1.0.1), @catchmexz/fedin-cms (>=5.30.1 <=5.30.2) +26 more potentially affected by CVE-2024-56143 via @strapi/core (>=5.0.0 <=5.5.1)
@strapi/core NPM version =5.0.0, =5.30.1, =1.0.0, =2.3.1, =2.0.2, =0.1.0, =2.0.0, =1.0.1, =5.0.0, =0.1.0, =0.2.0, =0.5.0 - cypherscan-strapi =0.1.1 - keycloak-auth-plugin =0.0.1 - my-shopify-app-backend =0.1.0 and more Source cves: CVE-2024-56143 Source advisory: SNYK:JS-STRAPICORE-13601313...
EUVD-2016-1911
Malware in sbrugna...
EUVD-2010-0666
Malware in sbrugna...
EUVD-2021-11148
Malware in sbrugna...
EUVD-2021-24801
Malware in sbrugna...
EUVD-2017-9610
Malware in sbrugna...
EUVD-2021-12017
Malware in sbrugna...
EUVD-2005-1159
Malware in sbrugna...
EUVD-2010-4486
Malware in sbrugna...
EUVD-2011-5094
Malware in sbrugna...
EUVD-2011-5093
Malware in sbrugna...
EUVD-2024-31825
Malicious code in bioql PyPI...