CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Positive Technologies•added 2026/01/07 12:0 a.m.•4 views

PT-2026-1593

Name of the Vulnerable Software and Affected Versions WP Status Notifier plugin for WordPress versions prior to 1.1 Description The WP Status Notifier plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by insufficient or incorrect nonce validation when updating...

4.3CVSS6.2AI score0.00124EPSS

Exploits0References5

Positive Technologies•added 2026/01/07 12:0 a.m.•3 views

PT-2026-1610

Name of the Vulnerable Software and Affected Versions The Cool YT Player plugin for WordPress versions prior to 1.1 Description The Cool YT Player plugin for WordPress is susceptible to Stored Cross-Site Scripting through the videoid parameter. Insufficient input sanitization and output escaping...

6.4CVSS5.3AI score0.00228EPSS

Exploits0References5

Positive Technologies•added 2025/11/11 12:0 a.m.•5 views

PT-2025-46287

Name of the Vulnerable Software and Affected Versions Coon Google Maps plugin for WordPress versions prior to 1.1 Description The Coon Google Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter within the 'map' shortcode. This occurs because of...

6.4CVSS5.3AI score0.00189EPSS

Exploits0References5

Positive Technologies•added 2025/11/11 12:0 a.m.•5 views

PT-2025-46273

Name of the Vulnerable Software and Affected Versions The Total Book Project plugin for WordPress versions prior to 1.1 Description The software is susceptible to an Insecure Direct Object Reference issue. This impacts authenticated attackers with Contributor-level access or higher, allowing them...

5.4CVSS6.4AI score0.00173EPSS

Exploits0References4

Positive Technologies•added 2023/12/01 12:0 a.m.•5 views

PT-2023-32228

Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue allows for the unrestricted upload of files with dangerous types, enabling the reading of sensitive strings within an executable. Recommendations For versions prior to 1.1...

7.5CVSS7.1AI score0.00628EPSS

Exploits0References7

Positive Technologies•added 2023/07/10 12:0 a.m.•4 views

PT-2023-17426 · WordPress · Call Now Accessibility Button

Name of the Vulnerable Software and Affected Versions: Call Now Accessibility Button WordPress plugin versions prior to 1.1 Description: The issue allows high-privilege users to perform Stored Cross-Site Scripting XSS attacks due to improper sanitization of some settings. This can occur even when...

4.8CVSS4.8AI score0.00423EPSS

Exploits2References3

Positive Technologies•added 2023/06/13 12:0 a.m.•4 views

PT-2023-21853 · Unknown · Cyberus Key

Name of the Vulnerable Software and Affected Versions: Cyberus Key plugin versions prior to 1.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For versions prior to 1.1, update to...

5.9CVSS5.4AI score0.00369EPSS

Exploits0References3

Positive Technologies•added 2022/01/24 12:0 a.m.•5 views

PT-2022-15058 · Elfspirit · Elfspirit

Name of the Vulnerable Software and Affected Versions: elfspirit versions prior to 1.1 Description: The issue is related to an out-of-bounds read bug in the ELF file format analysis. This bug can cause application crashes or information leakage. By constructing a specially formatted ELF file, it ...

7.1CVSS6.5AI score0.00875EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by