CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

RedhatCVE•added 2026/01/09 10:32 a.m.•4 views

CVE-2017-18504

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

8.8CVSS7.1AI score0.0018EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-9619

Malware in sbrugna...

6.1CVSS6.3AI score0.00408EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-9620

Malware in sbrugna...

8.8CVSS8.8AI score0.0018EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 5:35 a.m.•2 views

CVE-2017-18503

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

6.1CVSS6.9AI score0.00408EPSS

Exploits0References1

OSSF Malicious Packages•added 2024/06/25 1:52 p.m.•3 views

Malicious code in twitter-cards (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References1

OSV•added 2024/06/25 1:52 p.m.•5 views

MAL-2024-7041 Malicious code in twitter-cards (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0References1

CVE•added 2024/03/05 1:56 a.m.•54 views

CVE-2024-1769

The CVE-2024-1769 entry concerns the JM Twitter Cards WordPress plugin. Public data confirms information exposure via the meta description that can let unauthenticated users view password-protected post content from the page source in versions up to 12. The vulnerability is documented across mult...

5.3CVSS6.7AI score0.00317EPSS

Exploits0References3Affected Software1

Cvelist•added 2024/03/05 1:56 a.m.•12 views

CVE-2024-1769 JM Twitter Cards <= 14 - Information Exposure via Meta Description

The JM Twitter Cards plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 14 via the meta description data. This makes it possible for unauthenticated attackers to view password protected post content when viewing the page source...

5.3CVSS5.5AI score0.00317EPSS

Exploits0References3

CNNVD•added 2024/03/05 12:0 a.m.•2 views

WordPress Plugin JM Twitter Cards Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an...

5.3CVSS6.2AI score0.00317EPSS

Exploits0References3

Patchstack•added 2024/03/04 12:0 a.m.•6 views

WordPress JM Twitter Cards Plugin <= 12 is vulnerable to Sensitive Data Exposure

Software JM Twitter Cards Type Plugin Vulnerable versions = 12 Fixed in 14 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1769 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID af82bb91b645 Credits Krzysztof Zając Required...

5.3CVSS6.5AI score0.00317EPSS

Exploits0References2Affected Software1

WPVulnDB•added 2024/03/04 12:0 a.m.•16 views

JM Twitter Cards < 14.1.0 - Password Protected Post Access

Description The plugin is vulnerable to Information Exposure via the meta description data, allowing unauthenticated attackers to view password protected post content when viewing the page source...

5.3CVSS7AI score0.00317EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/03/04 12:0 a.m.•2 views

PT-2024-18290 · WordPress · Jm Twitter Cards

Name of the Vulnerable Software and Affected Versions: JM Twitter Cards plugin for WordPress versions up to, and including, 12 Description: The issue allows unauthenticated attackers to view password protected post content when viewing the page source, due to Information Exposure via the meta...

5.3CVSS7.5AI score0.00317EPSS

Exploits0References6

CNNVD•added 2023/03/04 12:0 a.m.•1 views

Artesãos SEOTools 输入验证错误漏洞

SEOTools is an Artesãos open source SEO tool for Laravel and Lumen. Artesãos SEOTools prior to version 0.17.2 has an input validation error vulnerability that stems from a problem with the function eachValue in the file TwitterCards.php, where manipulation of the parameter value results in an ope...

6.1CVSS5.5AI score0.00282EPSS

Exploits1References6

Patchstack•added 2023/01/04 12:0 a.m.•3 views

WordPress Twitter Cards Meta Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Twitter Cards Meta Type Plugin Vulnerable versions = 2.9.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 2f6fcb189392 Credits N/A Required privilege...

5.9AI score

Exploits0References1Affected Software1

CNVD•added 2019/08/14 12:0 a.m.•2 views

WordPress twitter-cards-meta plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. twitter-cards-meta plugin is a Twitter account information display plugin used in it. A cross-site scripting vulnerability exists in...

6.1CVSS6.1AI score0.00408EPSS

Exploits0References1

CNVD•added 2019/08/14 12:0 a.m.•2 views

WordPress twitter-cards-meta plugin cross-site request forgery vulnerability

8.8CVSS6.5AI score0.0018EPSS

Exploits0References1

OSV•added 2019/08/12 4:15 p.m.•0 views

CVE-2017-18504

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2019/08/12 4:15 p.m.•0 views