CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

31 matches found

EUVD•added 2026/04/08 9:31 a.m.•2 views

EUVD-2026-20321

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows DOM-Based XSS.This issue affects WP Simple HTML Sitemap: from n/a through = 3.8...

5.9AI score0.00036EPSS

Exploits0References2

CNNVD•added 2026/04/08 12:0 a.m.•2 views

WordPress plugin WP Simple HTML Sitemap 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.9CVSS5.6AI score0.00036EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:28 a.m.•2 views

CVE-2023-49850

Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through 2.7...

5.3CVSS8.5AI score0.00176EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-30376

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00305EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-9224

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00466EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-50829

Malicious code in bioql PyPI...

6.1CVSS7.1AI score0.00167EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-49388

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00077EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-53758

Malicious code in bioql PyPI...

5.3CVSS9AI score0.00176EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:3 a.m.•2 views

CVE-2023-46627

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin = 2.1 versions...

7.1CVSS7AI score0.00167EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 4:25 p.m.•3 views

CVE-2025-31822

Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through = 3.5...

5.3CVSS7.2AI score0.00466EPSS

Exploits0References1

NVD•added 2025/04/01 3:16 p.m.•2 views

CVE-2025-31822

Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through = 3.5...

5.3CVSS0.00466EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 2:51 p.m.•6 views

CVE-2025-31822 WordPress WordPress Simple HTML Sitemap plugin <= 3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through = 3.5...

5.3CVSS8.6AI score0.00466EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 12:3 p.m.•6 views

CVE-2024-7385

The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

9.1CVSS7AI score0.13057EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 7:8 a.m.•5 views

CVE-2024-32574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8...

7.1CVSS5.2AI score0.00305EPSS

Exploits0References1

OSV•added 2024/09/25 4:15 a.m.•0 views

CVE-2024-7385

The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

7.2CVSS5.8AI score

Exploits0References3

Patchstack•added 2024/09/25 1:30 a.m.•2 views

WordPress WordPress Simple HTML Sitemap plugin <= 3.1 - Authenticated (Admin+) SQL Injection vulnerability

Authenticated Admin+ SQL Injection vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Simple HTML Sitemap versions = 3.1...

9.1CVSS8AI score0.13057EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/09/25 12:0 a.m.•6 views

WordPress WP Simple HTML Sitemap Plugin <= 3.1 is vulnerable to SQL Injection

Software WP Simple HTML Sitemap Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7385 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID b0efb3772326 Credits Nguyễn Trung Kiên Required privilege...

9.1CVSS6.8AI score0.13057EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/09/24 12:0 a.m.•2 views

PT-2024-38314 · WordPress · Wordpress Simple Html Sitemap

Name of the Vulnerable Software and Affected Versions: WordPress Simple HTML Sitemap plugin versions up to 3.1 Description: The issue allows authenticated attackers with Administrator-level access and above to append additional SQL queries into existing queries, potentially extracting sensitive...

9.1CVSS7AI score0.13057EPSS

Exploits0References13

WPVulnDB•added 2024/04/24 12:0 a.m.•14 views

WordPress Simple HTML Sitemap < 2.9 - Reflected Cross-Site Scripting

Description The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.1CVSS6.4AI score0.00305EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/04/18 9:36 a.m.•13 views

CVE-2024-32574 WordPress WP Simple HTML Sitemap plugin <= 2.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8...

7.1CVSS7.1AI score0.00305EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by