CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

CNNVD•added 2026/05/20 12:0 a.m.•6 views

mailcow dockerized 跨站脚本漏洞

Mailcow Dockerized is an open-source application developed by Mailcow. The version 2026-03b of Mailcow Dockerized contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting vulnerability in the administrator’s queue manager, which may cause t...

7.4CVSS5.6AI score0.00052EPSS

Exploits0References1

CNNVD•added 2026/05/12 12:0 a.m.•5 views

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Adobe Commerce has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting issue. This vulnerability could allow high-privilege attacke...

4.8CVSS5.6AI score0.00021EPSS

Exploits0References1

CNNVD•added 2026/04/27 12:0 a.m.•5 views

ProjeQtOr 跨站脚本漏洞

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain cross-site scripting vulnerabilities. These vulnerabilities stem from the checkValidHtmlText function in the Security.php file, which improperly cleans user input,...

5.4CVSS5.7AI score0.00036EPSS

Exploits0References2

CNNVD•added 2026/04/08 12:0 a.m.•4 views

WordPress plugin WPBITS Addons For Elementor Page Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.7AI score0.00039EPSS

Exploits0References1

CNNVD•added 2026/04/07 12:0 a.m.•3 views

Bludit 跨站脚本漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions 3.17.2 and 3.18.0 of Bludit contain cross-site scripting vulnerabilities. These vulnerabilities stem from a storage-based cross-site scripting flaw in the page creation function. This allows...

5.4CVSS5.6AI score0.00073EPSS

Exploits0References2

CNNVD•added 2026/04/01 12:0 a.m.•5 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleanup of user inputs when creating or editing pages within the page management functionality, which...

9.1CVSS5.6AI score0.00058EPSS

Exploits1References2

CNNVD•added 2026/03/26 12:0 a.m.•3 views

WordPress plugin Simple Download Counter 跨站脚本漏洞

6.4CVSS5.7AI score0.00084EPSS

Exploits0References10

CNNVD•added 2026/03/21 12:0 a.m.•4 views

WordPress plugin Autoptimize 跨站脚本漏洞

6.4CVSS5.6AI score0.00024EPSS

Exploits0References8

CNNVD•added 2026/03/21 12:0 a.m.•3 views

WordPress plugin Ed s Font Awesome 跨站脚本漏洞

6.4CVSS5.7AI score0.00045EPSS

Exploits0References4

CNNVD•added 2026/03/21 12:0 a.m.•6 views

WordPress plugin Ricerca 跨站脚本漏洞

4.4CVSS5.7AI score0.00033EPSS

Exploits0References2

CNNVD•added 2026/03/18 12:0 a.m.•3 views

WordPress plugin Post SMTP 跨站脚本漏洞

7.2CVSS5.7AI score0.00122EPSS

Exploits0References3

CNNVD•added 2026/03/05 12:0 a.m.•3 views

WordPress plugin Fluent Forms Pro 跨站脚本漏洞

7.2CVSS5.7AI score0.00206EPSS

Exploits0References3

CNNVD•added 2026/03/04 12:0 a.m.•4 views

WordPress plugin My Calendar – Accessible Event Manager 跨站脚本漏洞

6.4CVSS5.7AI score0.00017EPSS

Exploits0References7

CNNVD•added 2026/03/03 12:0 a.m.•2 views

HomeBox 跨站脚本漏洞

HomeBox is an open-source project developed by SysAdmins Media, designed for home users. Versions of HomeBox prior to 0.24.0-rc.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the project’s attachment upload feature, where the types of uploaded files were not...

5.4CVSS5.7AI score0.00041EPSS

Exploits0References2

CNNVD•added 2026/02/27 12:0 a.m.•5 views

Statamic 跨站脚本漏洞

Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. Versions of Statamic 5.73.11 and earlier, as well as 6.4.0 and earlier, had a cross-site scripting vulnerability. This...

8.7CVSS5.6AI score0.00013EPSS

Exploits0References4

CNNVD•added 2026/02/19 12:0 a.m.•5 views

WordPress plugin Renden 跨站脚本漏洞

6.4CVSS5.7AI score0.00043EPSS

Exploits0References3

CNNVD•added 2026/02/19 12:0 a.m.•6 views

Comodo Dome Firewall 跨站脚本漏洞

Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation for the adminname, name, and...

6.4CVSS5.6AI score0.00018EPSS

Exploits1References4

CNNVD•added 2026/02/18 12:0 a.m.•2 views

WordPress plugin Community Events 跨站脚本漏洞

4.4CVSS5.6AI score0.00014EPSS

Exploits0References5

CNNVD•added 2026/02/14 12:0 a.m.•4 views

WordPress plugin Simple Plyr 跨站脚本漏洞

6.4CVSS5.7AI score0.00014EPSS

Exploits0References2

CNNVD•added 2026/02/14 12:0 a.m.•3 views

WordPress plugin Press3D 跨站脚本漏洞