CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-24663

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00206EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 10:13 a.m.•5 views

CVE-2024-2836

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.00332EPSS

Exploits2References1

CNNVD•added 2024/12/20 12:0 a.m.•1 views

WordPress plugin Download Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

4.8CVSS7.9AI score0.00252EPSS

Exploits1References2

CNNVD•added 2024/09/25 12:0 a.m.•1 views

WordPress plugin WP ULike 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.8CVSS6.5AI score0.00404EPSS

Exploits1References2

CNNVD•added 2024/06/26 12:0 a.m.•1 views

WordPress plugin Simple Photoswipe security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4CVSS6.8AI score0.00073EPSS

Exploits2References2

CNNVD•added 2024/06/07 12:0 a.m.•2 views

WordPress Plugin WP Backpack Security Vulnerability

5.4CVSS6AI score0.00228EPSS

Exploits2References2

CNNVD•added 2024/05/23 12:0 a.m.•2 views

WordPress plugin Button contact VR 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

3.5CVSS6.2AI score0.00276EPSS

Exploits2References2

CNNVD•added 2024/05/23 12:0 a.m.•1 views

WordPress plugin Pet Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.8CVSS5.8AI score0.0017EPSS

Exploits2References2

CNNVD•added 2023/05/02 12:0 a.m.•1 views

WordPress plugin WP Custom Author URL 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

4.8CVSS6.3AI score0.00415EPSS

Exploits2References2

CNNVD•added 2023/03/10 12:0 a.m.•1 views

WordPress plugin USM-Premium 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

4.8CVSS6.3AI score0.00095EPSS

Exploits3References2

WPVulnDB•added 2022/12/07 12:0 a.m.•25 views

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to "Cognito Login » Configure OAuth",...

4.8CVSS0.9AI score0.00418EPSS

Exploits2Affected Software1

CNNVD•added 2022/12/05 12:0 a.m.•1 views

WordPress plugin Uji Countdown 跨站脚本漏洞

4.8CVSS5AI score0.00314EPSS

Exploits2References2

OSV•added 2022/09/16 9:15 a.m.•2 views

CVE-2022-2887

The WP Server Health Stats WordPress plugin before 1.7.0 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score

Exploits0References1

CNNVD•added 2022/08/08 12:0 a.m.•1 views

WordPress plugin Auto More Tag 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

4.8CVSS5AI score0.00238EPSS

Exploits1References3

CNNVD•added 2022/07/17 12:0 a.m.•1 views

WordPress plugin Simple Post Notes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5AI score0.00206EPSS

Exploits2References2

CNNVD•added 2022/07/11 12:0 a.m.•4 views

WordPress plugin Popup Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress Popup Builder plugin prior to 4.1.11 contain a cross-site scripting vulnerabili...

4.8CVSS5.2AI score0.00206EPSS

Exploits2References3

CNNVD•added 2022/05/23 12:0 a.m.•3 views

WordPress plugin Curtain 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Curtain plugin is vulnerable to a cross-site scripting vulnerability that stems from not cleaning a...

4.8CVSS5.3AI score0.02402EPSS

Exploits1References3

OSV•added 2022/05/09 5:15 p.m.•3 views

CVE-2022-1338

The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00206EPSS

Exploits2References1

CNNVD•added 2022/05/02 12:0 a.m.•1 views

WordPress plugin Event List 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Event List plugin versions prior to 0.8.8 contain a cross-site scripting vulnerability that stems...

4.8CVSS5.4AI score0.00282EPSS

Exploits2References2

CNNVD•added 2022/03/21 12:0 a.m.•9 views

WordPress plugin BulletProof Security 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress...

4.8CVSS4.9AI score0.00282EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by