CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1408 matches found

CVE•added 2025/10/15 6:0 a.m.•15 views

CVE-2025-10406

CVE-2025-10406 affects the BlindMatrix e-Commerce WordPress plugin. The vulnerability arises from unvalidated shortcode attributes that are used to build file includes, enabling Local File Inclusion (LFI) when exploited by authenticated users (e.g., contributors). The issue is triggered by genera...

5.5CVSS6.2AI score0.0024EPSS

Exploits0References1

Positive Technologies•added 2025/10/15 12:0 a.m.•2 views

PT-2025-42229

The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...

6.7AI score0.0024EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2021-11380

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS

Exploits2References2

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2018-20769

Malware in sbrugna...

5.4CVSS5.4AI score0.03244EPSS

Exploits5References5

RedhatCVE•added 2025/10/04 11:53 a.m.•9 views

CVE-2025-9876

The Ird Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irdslider' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00221EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-12169

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00471EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-12425

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00471EPSS

Exploits2References1