CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8997 matches found

CVE•added 2024/11/19 4:31 p.m.•41 views

CVE-2024-51804

CVE-2024-51804 : DOM-based XSS in WordPress plugin Moka Get Posts Shortcode (moka-get-posts)

6.5CVSS7.2AI score0.00374EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•7 views

CVE-2024-51804 WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Matsuoka Moka Get Posts Shortcode allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through 1.0...

6.5CVSS6.9AI score0.00374EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•5 views

CVE-2024-51823 WordPress Add Ribbon Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sherwin Calims Add Ribbon Shortcode allows DOM-Based XSS.This issue affects Add Ribbon Shortcode: from n/a through 1.0.1...

6.5CVSS7.2AI score0.00352EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•17 views

CVE-2024-51823 WordPress Add Ribbon Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SherkSpear Add Ribbon Shortcode add-ribbon allows DOM-Based XSS.This issue affects Add Ribbon Shortcode: from n/a through = 1.0.1...

6.5CVSS0.00352EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•37 views

CVE-2024-51823

CVE-2024-51823 concerns the WordPress plugin Add Ribbon Shortcode (vulnerable up to 1.0.1) and describes a DOM‑Based XSS caused by improper input neutralization during web page generation. The description in the initial document states Cross-site Scripting for Add Ribbon Shortcode and lists affec...

6.5CVSS7.2AI score0.00352EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•13 views

CVE-2024-51827 WordPress Boombox Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Movement Ventures Boombox Shortcode boombox-shortcode allows DOM-Based XSS.This issue affects Boombox Shortcode: from n/a through = 1.0.0...

6.5CVSS0.00361EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•6 views

CVE-2024-51827 WordPress Boombox Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Boombox Boombox Shortcode allows DOM-Based XSS.This issue affects Boombox Shortcode: from n/a through 1.0.0...

6.5CVSS6.9AI score0.00361EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•42 views

CVE-2024-51827

CVE-2024-51827 concerns Boombox Shortcode plugin for WordPress. The connected sources confirm a DOM-based XSS due to improper input neutralization during web page generation, affecting Boombox Shortcode versions n/a through 1.0.0. The vulnerability is categorized as Cross‑Site Scripting with a me...

6.5CVSS7.2AI score0.00361EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•39 views

CVE-2024-51842

CVE-2024-51842 involves the WordPress plugin “Image Carousel Shortcode.” The vulnerability is a DOM-based XSS caused by improper input neutralization during web page generation, affecting Image Carousel Shortcode versions up to 1.2. The provided documents do not specify exploitation status, impac...

6.5CVSS7.2AI score0.00374EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•15 views

CVE-2024-51864 WordPress Shortcode Collection plugin <= 1.4 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Agnel Waghela Shortcode Collection shortcode-collection allows Stored XSS.This issue affects Shortcode Collection: from n/a through = 1.4...

6.5CVSS0.00302EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•7 views

CVE-2024-51864 WordPress Shortcode Collection plugin <= 1.4 - Stored Cross Site Scripting (XSS) vulnerability

6.5CVSS8.6AI score0.00302EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•44 views

CVE-2024-51864

CVE-2024-51864: WordPress Shortcode Collection plugin contains a Stored XSS due to improper input neutralization during page generation. Affected versions: Shortcode Collection

6.5CVSS7.2AI score0.00302EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•12 views

CVE-2024-51890 WordPress Geoportail Shortcode plugin <= 2.4.4 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in geoWP Geoportail Shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through 2.4.4...

6.5CVSS6.7AI score0.00285EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•19 views

CVE-2024-51890 WordPress Geoportail Shortcode plugin <= 2.4.4 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through = 2.4.4...

6.5CVSS0.00285EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•40 views

CVE-2024-51890

CVE-2024-51890 is a stored XSS vulnerability affecting the Geoportail Shortcode plugin for WordPress, with affected versions from n/a through 2.4.4. The issue is described as Improper Neutralization of Input During Web Page Generation. Public sources in connected documents confirm Geoportail Shor...

6.5CVSS7.2AI score0.00285EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•8 views

CVE-2024-51898 WordPress Semantic Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sachin8600 Semantic Shortcode semantic-shortcode allows Stored XSS.This issue affects Semantic Shortcode: from n/a through = 1.0.1...

6.5CVSS8.6AI score0.00302EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•20 views

CVE-2024-51898 WordPress Semantic Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00302EPSS

Exploits0References1

CVE•added 2024/11/19 4:31 p.m.•47 views

CVE-2024-51898

CVE-2024-51898 concerns the WordPress plugin Semantic Shortcode (by Sachin Jadhav). The CVE states an improper input neutralization in web page generation allows Stored XSS , affecting versions from n/a through 1.0.1. Connected sources corroborate the same description and reference vulnerability ...

6.5CVSS7.2AI score0.00302EPSS

Exploits0References1

OSV•added 2024/11/19 11:15 a.m.•5 views

CVE-2024-11038

The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...

7.3CVSS6.2AI score0.0057EPSS

Exploits0References5

NVD•added 2024/11/19 11:15 a.m.•21 views

CVE-2024-11038

7.3CVSS0.0057EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by