CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

98 matches found

NVD•added 2026/05/25 10:16 p.m.•3 views

CVE-2025-62745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through 1.22.28...

6.5CVSS0.00034EPSS

Exploits0References1

Vulnrichment•added 2026/05/25 9:34 p.m.•3 views

CVE-2025-62745 WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.8AI score0.00034EPSS

Exploits0References1

CVE•added 2026/05/25 9:34 p.m.•12 views

CVE-2025-62745

CVE-2025-62745 concerns the WordPress plugin Team Showcase (PickPlugins)

6.5CVSS5.8AI score0.00034EPSS

Exploits0References1

ATTACKERKB•added 2026/05/25 9:34 p.m.•6 views

CVE-2025-62745

6.5CVSS5.8AI score0.00034EPSS

Exploits0References2

Cvelist•added 2026/05/25 9:34 p.m.•14 views

CVE-2025-62745 WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00034EPSS

Exploits0References1

Patchstack•added 2026/05/25 9:33 p.m.•8 views

WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Team Showcase versions = 1.22.28...

6.5CVSS5.8AI score0.00034EPSS

Exploits0Affected Software1

Positive Technologies•added 2026/05/25 12:0 a.m.•3 views

PT-2026-43132

Name of the Vulnerable Software and Affected Versions Team Showcase versions prior to 1.22.29 Description Improper neutralization of input during web page generation in PickPlugins Team Showcase allows for Stored Cross-site Scripting XSS, a condition where malicious scripts are permanently stored...

6.5CVSS5.8AI score0.00034EPSS

Exploits0References3

CNNVD•added 2026/05/25 12:0 a.m.•3 views

WordPress plugin Team Showcase 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.7AI score0.00034EPSS

Exploits0References1

RedhatCVE•added 2026/01/08 3:15 a.m.•2 views

CVE-2025-69335

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Team Showcase team-showcase allows Stored XSS.This issue affects Team Showcase: from n/a through = 2.9...

6.5CVSS6AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•1 views

CVE-2025-69335

6.5CVSS0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/06 4:36 p.m.•2 views

CVE-2025-69335 WordPress Team Showcase plugin <= 2.9 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.6AI score0.00064EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:36 p.m.•23 views

CVE-2025-69335 WordPress Team Showcase plugin <= 2.9 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00064EPSS

Exploits0References1

CVE•added 2026/01/06 4:36 p.m.•4 views

CVE-2025-69335

CVE-2025-69335 corresponds to a Stored XSS (Improper Neutralization of Input During Web Page Generation) in the Team Showcase plugin for WordPress (Themepoints). The affected plugin is Team Showcase (team-showcase) and is vulnerable up to version 2.9; exploitation is authenticated (Contributor+)....

6.5CVSS5.6AI score0.00064EPSS

Exploits0References1

CNNVD•added 2026/01/06 12:0 a.m.•1 views

WordPress plugin Team Showcase 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.7AI score0.00064EPSS

Exploits0References1

Positive Technologies•added 2026/01/06 12:0 a.m.•2 views

PT-2026-1470

Name of the Vulnerable Software and Affected Versions Themepoints Team Showcase versions through 2.9 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS issue. This specific instance allows for Stored X...

5.4CVSS5.4AI score0.00064EPSS

Exploits0References4

Patchstack•added 2025/12/30 9:45 a.m.•2 views

WordPress Team Showcase plugin <= 2.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Team Showcase versions = 2.9...

5.4CVSS6.1AI score0.00064EPSS

Exploits0Affected Software1

Patchstack•added 2025/11/04 5:7 a.m.•2 views

WordPress Centangle Team Showcase plugin <= 1.0.0 - Cross-Site Request Forgery To Plugin's Settings Modification And Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery To Plugin's Settings Modification And Stored Cross-Site Scripting vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Centangle Team Showcase versions = 1.0.0...

6.1CVSS5.7AI score0.00017EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/11/04 4:27 a.m.•3 views

CVE-2025-12456 Centangle Team Showcase <= 1.0.0 - Cross-Site Request Forgery To Plugin's Settings Modification And Stored Cross-Site Scripting

The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to modify plugin's settings via a forged reques...

6.1CVSS5.2AI score0.00017EPSS

Exploits0References5