CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-31362

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00155EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-28471

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:35 a.m.•7 views

CVE-2024-30551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS8.6AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 2:41 a.m.•3 views

CVE-2024-33646

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS5.1AI score0.00155EPSS

Exploits0References1

WPVulnDB•added 2024/05/01 12:0 a.m.•13 views

Sticky Anything <= 2.1.5 - Missing Authorization

Description The Sticky Anything plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to perform an unauthorized action that can lead to Stored...

7.1CVSS6.6AI score0.00155EPSS

Exploits0References1

NVD•added 2024/04/29 5:15 a.m.•10 views

CVE-2024-33646

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS6.7AI score0.00155EPSS

Exploits0References1

Vulnrichment•added 2024/04/29 4:57 a.m.•11 views

CVE-2024-33646 WordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS6.6AI score0.00155EPSS

Exploits0References1

CVE•added 2024/04/29 4:57 a.m.•44 views

CVE-2024-33646

CVE-2024-33646 (Sticky Anything, Toast plugin) affects the WordPress plugin Sticky Anything (Toast Stick Anything) up to version 2.1.5. The connected documents indicate a Missing Authorization issue that allows a CSRF attack to trigger a Cross‑Site Scripting (XSS) condition. The description from ...

7.1CVSS5.1AI score0.00155EPSS

Exploits0References1

CNNVD•added 2024/04/29 12:0 a.m.•2 views

WordPress plugin Sticky Anything 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

7.1CVSS6.8AI score0.00155EPSS

Exploits0References2

Positive Technologies•added 2024/04/28 12:0 a.m.•3 views

PT-2024-25407 · Toast Plugins · Toast Plugins Sticky Anything

Name of the Vulnerable Software and Affected Versions: Toast Plugins Sticky Anything versions through 2.1.5 Description: A Cross-Site Request Forgery CSRF issue in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS. Recommendations: For versions through 2.1.5, update to a version later...

7.1CVSS6.6AI score0.00155EPSS

Exploits0References4

Patchstack•added 2024/04/25 6:17 p.m.•4 views

WordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerability

Broken Access Control to XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Sticky Anything versions = 2.1.5...

7.1CVSS6.4AI score0.00155EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/25 12:0 a.m.•6 views

WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Broken Access Control

Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33646 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID da01f8f0e18d Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00155EPSS

Exploits0References1Affected Software1

NVD•added 2024/03/31 8:15 p.m.•8 views

CVE-2024-30551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS7AI score0.00084EPSS

Exploits0References1

Vulnrichment•added 2024/03/31 7:56 p.m.•21 views

CVE-2024-30551 WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS6.9AI score0.00084EPSS

Exploits0References1

Cvelist•added 2024/03/31 7:56 p.m.•16 views

CVE-2024-30551 WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS7.1AI score0.00084EPSS

Exploits0References1

CVE•added 2024/03/31 7:56 p.m.•52 views

CVE-2024-30551

CVE-2024-30551 (Sticky Anything, Toast Stick Anything WordPress plugin) is an unauthenticated Stored XSS in Sticky Anything, affecting versions up to 2.1.5. The CVSSv3.1 score is 7.1 (HIGH) with Network attack vector, no privileges, user interaction required, and changed scope; impact to confiden...

7.1CVSS8.6AI score0.00084EPSS

Exploits0References1

Positive Technologies•added 2024/03/31 12:0 a.m.•2 views

PT-2024-23481 · Unknown · Sticky Anything

Name of the Vulnerable Software and Affected Versions: Sticky Anything versions n/a through 2.1.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for potentially malicious scripts to be injected into...

7.1CVSS9.3AI score0.00084EPSS

Exploits0References3

CNNVD•added 2024/03/31 12:0 a.m.•2 views

WordPress Plugin Sticky Anything 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS7.3AI score0.00084EPSS

Exploits0References2

Patchstack•added 2024/03/29 10:45 a.m.•2 views

WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Sticky Anything versions = 2.1.5...

7.1CVSS7.1AI score0.00084EPSS

Exploits0Affected Software1

Patchstack•added 2024/03/29 12:0 a.m.•7 views

WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30551 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 25bb0e7db645 Credits Mika Required privilege...

7.1CVSS6.5AI score0.00084EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by