CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Cvelist•added 2026/05/14 2:51 p.m.•32 views

CVE-2026-44482 soundcloud-rpc: Remote Code Execution via XSS in Track Title

soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on...

9.6CVSS0.00127EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-29694

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00059EPSS

Exploits0References5

RedhatCVE•added 2025/09/19 6:25 a.m.•3 views

CVE-2025-9203

The Media Player Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtitlessize', 'tracktitle', and 'trackartistname' parameters in version 1.0.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This...

6.4CVSS5.3AI score0.00059EPSS

Exploits0References1

CNVD•added 2025/09/19 12:0 a.m.•2 views

WordPress Media Player Addons for Elementor plugin cross-site scripting vulnerability

WordPress Media Player Addons for Elementor plugin is a plugin designed for Elementor page builder, mainly used to extend the media playback functionality. A cross-site scripting vulnerability exists in the WordPress Media Player Addons for Elementor plugin, which stems from insufficient input...

6.4CVSS6.3AI score0.00059EPSS

Exploits0References1

NVD•added 2025/09/17 7:15 a.m.•3 views

CVE-2025-9203

6.4CVSS0.00059EPSS

Exploits0References4

Cvelist•added 2025/09/17 6:17 a.m.•4 views

CVE-2025-9203 Media Player Addons for Elementor <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widget Fields

6.4CVSS0.00059EPSS

Exploits0References4

CVE•added 2025/09/17 6:17 a.m.•14 views

CVE-2025-9203

CVE-2025-9203 concerns the WordPress plugin Media Player Addons for Elementor (versions ≤ 1.0.5). The issue is Stored Cross-Site Scripting caused by insufficient input sanitization and output escaping for the parameters subtitle_ssize , track_title , and track_artist_name . With contributor-level...

6.4CVSS4.9AI score0.00059EPSS

Exploits0References4

CNNVD•added 2025/09/17 12:0 a.m.•1 views

WordPress plugin Media Player Addons for Elementor 跨站脚本漏洞

6.4CVSS6.2AI score0.00059EPSS

Exploits0References4

Positive Technologies•added 2025/09/17 12:0 a.m.•4 views

PT-2025-38121

Name of the Vulnerable Software and Affected Versions: Media Player Addons for Elementor plugin for WordPress version 1.0.5 Description: The Media Player Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output...

6.4CVSS5.3AI score0.00059EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by