CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

RedhatCVE•added 2026/02/20 1:26 p.m.•1 views

CVE-2026-25319

Cross-Site Request Forgery CSRF vulnerability in wpzita Zita Elementor Site Library zita-site-library allows Cross Site Request Forgery.This issue affects Zita Elementor Site Library: from n/a through = 1.6.6...

4.3CVSS5.5AI score0.0002EPSS

Exploits0References1

Cvelist•added 2026/02/19 8:26 a.m.•24 views

CVE-2026-25319 WordPress Zita Elementor Site Library plugin <= 1.6.6 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS0.0002EPSS

Exploits0References1

Vulnrichment•added 2026/02/19 8:26 a.m.•2 views

CVE-2026-25319 WordPress Zita Elementor Site Library plugin <= 1.6.6 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS5.5AI score0.0002EPSS

Exploits0References1

ATTACKERKB•added 2026/02/19 8:26 a.m.•3 views

CVE-2026-25319

5.5AI score0.0002EPSS

Exploits0References2

CVE•added 2026/02/19 8:26 a.m.•6 views

CVE-2026-25319

CVE-2026-25319 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Zita Elementor Site Library (zita-site-library) affecting versions up to 1.6.6. The issue allows CSRF as stated across multiple sources (NVD, Red Hat, CVE list, PatchStack, etc.). The CVSS v3.1 base...

4.3CVSS5.4AI score0.0002EPSS

Exploits0References1

Positive Technologies•added 2026/02/19 12:0 a.m.•2 views

PT-2026-20689

5.5AI score0.0002EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-13740

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00143EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-31841

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00209EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-36651

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00889EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:45 a.m.•5 views

CVE-2024-8921

The Zita Elementor Site Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

6.4CVSS5.8AI score0.00284EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:26 p.m.•2 views

CVE-2025-47656

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiracle Themes Spiraclethemes Site Library spiraclethemes-site-library allows Stored XSS.This issue affects Spiraclethemes Site Library: from n/a through = 1.5.4...

6.5CVSS7.2AI score0.00143EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•5 views

CVE-2025-47656

6.5CVSS0.00143EPSS

Exploits0References1

Cvelist•added 2025/05/07 2:20 p.m.•14 views

CVE-2025-47656 WordPress Spiraclethemes Site Library plugin <= 1.5.4 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00143EPSS

Exploits0References1

Vulnrichment•added 2025/05/07 2:20 p.m.•3 views

CVE-2025-47656 WordPress Spiraclethemes Site Library plugin <= 1.5.4 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS7.2AI score0.00143EPSS

Exploits0References1

Positive Technologies•added 2025/05/07 12:0 a.m.•1 views

PT-2025-20209 · Spiraclethemes · Spiraclethemes Site Library

Name of the Vulnerable Software and Affected Versions: Spiraclethemes Site Library versions 1.4.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

6.5CVSS6.8AI score0.00143EPSS

Exploits0References4

RedhatCVE•added 2025/02/05 2:37 a.m.•2 views

CVE-2024-33644

Improper Control of Generation of Code 'Code Injection' vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9...

9.9CVSS7AI score0.1704EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 12:37 a.m.•3 views

CVE-2024-37420

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1...

9.9CVSS6.8AI score0.00889EPSS

Exploits0

Cvelist•added 2024/10/16 11:3 a.m.•16 views

CVE-2024-8921 Zita Elementor Site Library <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

6.4CVSS0.00284EPSS

Exploits0References6

Patchstack•added 2024/10/16 3:57 a.m.•2 views

WordPress Zita Elementor Site Library plugin <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Zita Elementor Site Library versions = 1.6.3...

6.4CVSS5.7AI score0.00284EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/16 12:0 a.m.•8 views

WordPress Zita Elementor Site Library Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Software Zita Elementor Site Library Type Plugin Vulnerable versions = 1.6.3 Fixed in 1.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8921 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 13fd5fea2d7c Credits Francesco...

6.4CVSS6AI score0.00284EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by