CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2026/01/09 10:32 a.m.•5 views

CVE-2017-18504

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

8.8CVSS7.1AI score0.0018EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-9619

Malware in sbrugna...

6.1CVSS6.3AI score0.00408EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-9620

Malware in sbrugna...

8.8CVSS8.8AI score0.0018EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 5:35 a.m.•4 views

CVE-2017-18503

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

6.1CVSS6.9AI score0.00408EPSS

Exploits0References1

Patchstack•added 2023/01/04 12:0 a.m.•4 views

WordPress Twitter Cards Meta Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Twitter Cards Meta Type Plugin Vulnerable versions = 2.9.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 2f6fcb189392 Credits N/A Required privilege...

5.9AI score

Exploits0References1Affected Software1

CNVD•added 2019/08/14 12:0 a.m.•2 views

WordPress twitter-cards-meta plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. twitter-cards-meta plugin is a Twitter account information display plugin used in it. A cross-site scripting vulnerability exists in...

6.1CVSS6.1AI score0.00408EPSS

Exploits0References1

CNVD•added 2019/08/14 12:0 a.m.•2 views

WordPress twitter-cards-meta plugin cross-site request forgery vulnerability

8.8CVSS6.5AI score0.0018EPSS

Exploits0References1

OSV•added 2019/08/12 4:15 p.m.•1 views

CVE-2017-18504

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2019/08/12 4:15 p.m.•1 views

CVE-2017-18503

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

6.1CVSS5.8AI score0.00408EPSS

Exploits0References1

NVD•added 2019/08/12 4:15 p.m.•11 views

CVE-2017-18503

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

6.1CVSS6.4AI score0.00408EPSS

Exploits0References1

Prion•added 2019/08/12 4:15 p.m.•15 views

Cross site scripting

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

4.3CVSS6.4AI score0.00408EPSS

Exploits0References1Affected Software1

Prion•added 2019/08/12 4:15 p.m.•10 views

Cross site request forgery (csrf)

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

6.8CVSS8.7AI score0.0018EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/12 3:36 p.m.•41 views

CVE-2017-18503

The CVE-2017-18503 entry concerns the WordPress Twitter Cards Meta plugin (pre-2.5.0). The connected sources confirm a cross-site scripting (XSS) vulnerability in versions prior to 2.5.0 caused by insufficient validation of client-side data. Impact described as enabling attacker‑controlled script...

6.1CVSS6.4AI score0.00408EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/12 3:36 p.m.•14 views

CVE-2017-18503

The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS...

6.4AI score0.00408EPSS

Exploits0References1

Cvelist•added 2019/08/12 3:36 p.m.•14 views

CVE-2017-18504

The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...

8.8AI score0.0018EPSS

Exploits0References1

CVE•added 2019/08/12 3:36 p.m.•52 views

CVE-2017-18504

CVE-2017-18504 affects the WordPress Twitter Cards Meta plugin prior to version 2.5.0. The connected sources consistently state a cross-site request forgery (CSRF) vulnerability in this plugin, indicating that an attacker could exploit CSRF to perform unintended actions on behalf of an authentica...

8.8CVSS8.7AI score0.0018EPSS

Exploits0References1Affected Software1

seebug.org•added 2017/04/25 12:0 a.m.•13 views

Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Twitter Cards Meta

We recently found that the Twitter Cards Meta contains a cross-site request forgery CSRF/cross-site scripting XSS vulnerability on the plugin’s setting pages,/wp-admin/admin.php?page=twitter-cards-meta. The CSRF potion of the vulnerability was due to a lack of a nonce on the page and a lack of a...

6AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by