CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

109 matches found

OSV•added 2025/07/09 4:15 p.m.•2 views

CVE-2025-53674

Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it...

5.3CVSS5.8AI score0.00252EPSS

Exploits0References2

Positive Technologies•added 2025/07/09 12:0 a.m.•15 views

PT-2025-28925 · Jenkins · Jenkins Sensedia Api Platform Tools Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0 Description: The Jenkins Sensedia Api Platform Tools Plugin stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller. This...

6.8CVSS6.1AI score0.00196EPSS

Exploits0References7

CNNVD•added 2025/06/06 12:0 a.m.•3 views

WordPress plugin WP Tools 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

4.3CVSS4.9AI score0.0014EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:37 a.m.•6 views

CVE-2023-35774

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.4.1 versions...

8.8CVSS7.1AI score0.00208EPSS

Exploits0

RedhatCVE•added 2025/05/23 3:32 a.m.•5 views

CVE-2023-27453

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.3.1 versions...

8.8CVSS7.1AI score0.00303EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:15 p.m.•3 views

CVE-2022-3881

The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...

5.7CVSS5.7AI score0.00438EPSS

Exploits1References1

Vulnrichment•added 2025/05/15 6:24 p.m.•9 views

CVE-2024-56006 WordPress Jetpack Debug Tools plugin < 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1...

5.3CVSS7.2AI score0.00267EPSS

Exploits0References1

CNNVD•added 2025/04/15 12:0 a.m.•2 views

WordPress plugin SEO Tools 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7AI score0.00192EPSS

Exploits0References2

Patchstack•added 2025/03/20 11:20 a.m.•4 views

WordPress GDPR Tools plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin GDPR Tools versions = 1.0.2...

6.5CVSS7.6AI score0.00308EPSS

Exploits0Affected Software1

Cvelist•added 2025/03/11 6:0 a.m.•23 views

CVE-2024-13853 SEO Tools <= 4.0.7 - Reflected XSS

The SEO Tools WordPress plugin through 4.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00599EPSS

Exploits1References1

Patchstack•added 2024/11/20 12:0 a.m.•10 views

WordPress Tailored Tools Plugin <= 1.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Tailored Tools Type Plugin Vulnerable versions = 1.8.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52503 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0da9a28c2169 Credits CTRL Chance Required privilege Contributo...

6.5AI score0.00306EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/06/21 1:33 p.m.•11 views

CVE-2022-43453 WordPress WP Tools plugin <= 3.41 - Auth. Broken Access Control vulnerability

Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n/a through 3.41...

8.8CVSS7AI score0.00469EPSS

Exploits0References1

CNNVD•added 2024/06/21 12:0 a.m.•4 views

WordPress plugin WP Tools security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

8.8CVSS6.8AI score0.00469EPSS

Exploits0References2

OSV•added 2023/11/22 2:15 p.m.•2 views

CVE-2023-27453

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.3.1 versions...

8.8CVSS5.8AI score

Exploits0References1

NVD•added 2023/11/22 2:15 p.m.•9 views

CVE-2023-27453

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.3.1 versions...

8.8CVSS0.00303EPSS

Exploits0References1

Prion•added 2023/11/22 2:15 p.m.•10 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.3.1 versions...

6.8CVSS7.3AI score0.00303EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/11/22 1:48 p.m.•4 views

CVE-2023-27453 WordPress LWS Tools Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Tools plugin = 2.3.1 versions...

5.4CVSS8.8AI score0.00303EPSS

Exploits0References1

CVE•added 2023/11/22 1:48 p.m.•32 views

CVE-2023-27453

CVE-2023-27453 is a CSRF in the WordPress plugin LWS Tools (

8.8CVSS7.2AI score0.00303EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/11/13 12:0 a.m.•5 views

WordPress Plugin Webmaster Tools Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.1CVSS6.6AI score0.00204EPSS

Exploits0References2

Cvelist•added 2023/10/27 7:36 a.m.•23 views

CVE-2023-46093 WordPress Webmaster Tools Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in LionScripts.Com Webmaster Tools plugin = 2.0 versions...

5.9CVSS5.5AI score0.0031EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by