CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2096 matches found

Positive Technologies•added 2025/07/04 12:0 a.m.•3 views

PT-2025-27840 · WordPress · Wp Shortcodes Plugin

Name of the Vulnerable Software and Affected Versions: WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress versions up to, and including, 7.4.0 Description: The issue is related to Stored Cross-Site Scripting via the data-url DOM element attribute due to insufficient input sanitizatio...

6.4CVSS5.7AI score0.00175EPSS

Exploits0References7

CNNVD•added 2025/06/27 12:0 a.m.•1 views

WordPress plugin FL3R Accessibility Suite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.7AI score0.00165EPSS

Exploits0References2

CNVD•added 2025/06/24 12:0 a.m.•3 views

WordPress Arconix Shortcodes plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Arconix Shortcodes plugin that originates from an improper neutralization and can be exploited by an attacker to...

6.5CVSS6.6AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/06/19 3:21 p.m.•10 views

CVE-2025-49855

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/06/19 3:21 p.m.•7 views

CVE-2025-49858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through = 2.1.17...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

NVD•added 2025/06/17 3:15 p.m.•4 views

CVE-2025-49858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through = 2.1.17...

6.5CVSS0.00156EPSS

Exploits0References1

NVD•added 2025/06/17 3:15 p.m.•2 views

CVE-2025-49855

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS0.00156EPSS

Exploits0References1

CVE•added 2025/06/17 3:1 p.m.•14 views

CVE-2025-49855

CVE-2025-49855 affects the WordPress plugin Meks Flexible Shortcodes (versions from unknown up to and including 1.3.7). The issue is an DOM-based Cross-Site Scripting (XSS) vulnerability resulting from improper input neutralization during web page generation. Public references confirm the vulnera...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

Cvelist•added 2025/06/17 3:1 p.m.•9 views

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS0.00156EPSS

Exploits0References1

Vulnrichment•added 2025/06/17 3:1 p.m.•2 views

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes allows DOM-Based XSS. This issue affects Meks Flexible Shortcodes: from n/a through 1.3.7...

6.5CVSS6.5AI score0.00156EPSS

Exploits0References1

Cvelist•added 2025/06/17 3:1 p.m.•9 views

CVE-2025-49858 WordPress Arconix Shortcodes plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through = 2.1.17...

6.5CVSS0.00156EPSS

Exploits0References1

Vulnrichment•added 2025/06/17 3:1 p.m.•3 views

CVE-2025-49858 WordPress Arconix Shortcodes plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through = 2.1.17...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

CVE•added 2025/06/17 3:1 p.m.•13 views

CVE-2025-49858

CVE-2025-49858 concerns the WordPress Arconix Shortcodes plugin. The vulnerability is a Cross-Site Scripting (Stored XSS) due to improper neutralization of input during web page generation, affecting Arconix Shortcodes versions up to and including 2.1.17. The issue is rooted in input handling wit...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

OSV•added 2025/06/17 12:15 p.m.•2 views

CVE-2025-5291

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...

5.4CVSS6AI score

Exploits0References7

CNNVD•added 2025/06/17 12:0 a.m.•2 views

WordPress plugin Arconix Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Arconix Shortcodes plugin that originates from an improper neutralization and can be exploited by an attacker to...

6.5CVSS6.2AI score0.00156EPSS

Exploits0References3

CNNVD•added 2025/06/17 12:0 a.m.•1 views

WordPress plugin Meks Flexible Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6AI score0.00156EPSS

Exploits0References3

CNNVD•added 2025/06/17 12:0 a.m.•3 views

WordPress plugin Master Slider – Responsive Touch Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.7AI score0.00213EPSS

Exploits0References9

Positive Technologies•added 2025/06/17 12:0 a.m.•2 views

PT-2025-25716 · Unknown · Meks Flexible Shortcodes

Name of the Vulnerable Software and Affected Versions: Meks Flexible Shortcodes versions 1.3.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker...

6.5CVSS6.2AI score0.00156EPSS

Exploits0References4

Positive Technologies•added 2025/06/17 12:0 a.m.•3 views

PT-2025-25719 · Unknown · Arconix Shortcodes

Name of the Vulnerable Software and Affected Versions: Arconix Shortcodes versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

6.5CVSS6.2AI score0.00156EPSS

Exploits0References4

Patchstack•added 2025/06/12 5:5 p.m.•9 views

WordPress Arconix Shortcodes plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Arconix Shortcodes versions = 2.1.17...

6.5CVSS5.9AI score0.00156EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by