CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

171 matches found

CVE•added 2025/05/23 12:43 p.m.•45 views

CVE-2025-47535

CVE-2025-47535 (Opal Woo Custom Product Variation) affects WordPress plugin Opal Woo Custom Product Variation, versions up to and including 1.2.0. The issue is described as an improper limitation of a pathname to a restricted directory, i.e., a Path Traversal, which can enable Arbitrary File Dele...

8.6CVSS7.2AI score0.00426EPSS

Exploits0References1

Cvelist•added 2025/05/23 12:43 p.m.•13 views

CVE-2025-47535 WordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in wpopal Opal Woo Custom Product Variation opal-woo-custom-product-variation allows Path Traversal.This issue affects Opal Woo Custom Product Variation: from n/a through = 1.2.0...

8.6CVSS0.00426EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:35 a.m.•6 views

CVE-2024-13511

The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. The issue exists in the settingsinit function, which processes a reset action based on specific query...

4.3CVSS6.8AI score0.00184EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:45 a.m.•7 views

CVE-2024-48047

Cross-Site Request Forgery CSRF vulnerability in Razon Komar Pal Linked Variation for WooCommerce linked-variation-for-woocommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a through = 1.0.5...

4.3CVSS5.9AI score0.00169EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:49 a.m.•7 views

CVE-2023-37975

Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...

7.1CVSS5.9AI score0.00331EPSS

Exploits0

Positive Technologies•added 2025/05/23 12:0 a.m.•4 views

PT-2025-22754 · WordPress · Opal Woo Custom Product Variation

Name of the Vulnerable Software and Affected Versions: Opal Woo Custom Product Variation versions 1.2.0 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This allows for Path Traversal i...

8.6CVSS8.7AI score0.00426EPSS

Exploits0References3

CNNVD•added 2025/05/23 12:0 a.m.•2 views

WordPress plugin Opal Woo Custom Product Variation 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

8.6CVSS8.7AI score0.00426EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 10:19 a.m.•8 views

CVE-2019-15778

The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS...

5.4CVSS7.1AI score0.01038EPSS

Exploits0References1

Packet Storm News•added 2025/05/21 12:0 a.m.•5 views

Zero-Trust Mobility-Aware Authentication Framework for Secure Vehicular Fog Computing Networks

Vehicular Fog Computing VFC is a promising paradigm to meet the low-latency and high-bandwidth demands of Intelligent Transportation Systems ITS. However, dynamic vehicle mobility and diverse trust boundaries introduce critical security challenges. This paper presents a novel Zero-Trust...

7.1AI score

Exploits0

Packet Storm News•added 2025/05/19 12:0 a.m.•7 views

An Automated Blackbox Noncompliance Checker for QUIC Server Implementations

We develop QUICtester, an automated approach for uncovering non-compliant behaviors in the ratified QUIC protocol implementations RFC 9000/9001. QUICtester leverages active automata learning to abstract the behavior of a QUIC implementation into a finite state machine FSM representation. Unlike...

6.9AI score

Exploits0

Patchstack•added 2025/05/12 4:6 p.m.•5 views

WordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion Vulnerability

Arbitrary File Deletion Vulnerability discovered by timomangcut in WordPress Plugin Opal Woo Custom Product Variation versions = 1.2.0...

8.6CVSS8.2AI score0.00426EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/09 3:26 p.m.•3 views

CVE-2025-47526

Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce gs-woo-variation-swatches allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Variation Swatches for WooCommerce: from n/a through = 3.0.4...

5.4CVSS7.2AI score0.00273EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•5 views

CVE-2025-47526

5.4CVSS0.00273EPSS

Exploits0References1

Cvelist•added 2025/05/07 2:20 p.m.•11 views

CVE-2025-47526 WordPress GS Variation Swatches for WooCommerce plugin <= 3.0.4 - Broken Access Control Vulnerability

5.4CVSS0.00273EPSS

Exploits0References1

Vulnrichment•added 2025/05/07 2:20 p.m.•3 views

CVE-2025-47526 WordPress GS Variation Swatches for WooCommerce <= 3.0.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Variation Swatches for WooCommerce: from n/a through 3.0.4...

5.4CVSS5.5AI score0.00273EPSS

Exploits0References1

CVE•added 2025/05/07 2:20 p.m.•42 views

CVE-2025-47526

CVE-2025-47526 concerns the WordPress plugin GS Variation Swatches for WooCommerce (versions up to 3.0.4). The issue is described as a Missing Authorization vulnerability, arising from incorrectly configured access control, which could allow an attacker to exploit insufficient authorization check...

5.4CVSS7.2AI score0.00273EPSS

Exploits0References1

Positive Technologies•added 2025/05/07 12:0 a.m.•7 views

PT-2025-20148 · Woocommerce · Variation Swatches For Woocommerce

Name of the Vulnerable Software and Affected Versions: GS Variation Swatches for WooCommerce versions 3.0.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For G...

5.4CVSS6.3AI score0.00273EPSS

Exploits0References3

CNNVD•added 2025/05/07 12:0 a.m.•1 views

WordPress plugin GS Variation Swatches for WooCommerce 安全漏洞

5.4CVSS6.3AI score0.00273EPSS

Exploits0References1

OSV•added 2025/05/01 3:16 p.m.•7 views

UBUNTU-CVE-2022-49883

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format On 64 bit host, if the guest doesn't have X86FEATURELM, KVM will access 16 gprs to 32-bit smram image, causing out-ouf-bound ram access. On 32 bit host,...

7.1CVSS5.8AI score0.00153EPSS

Exploits0References5

Vulnrichment•added 2025/04/10 7:2 a.m.•3 views

CVE-2025-2719 Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Swatchly – WooCommerce Variation Swatches for Products product attributes: Image swatch, Color swatches, Label swatches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in versions 1.2.8 to 1.4.0. This makes ...

6.5CVSS5.3AI score0.00236EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by