9 matches found
CVE-2025-28876
Cross-Site Request Forgery (CSRF) vulnerability in SkrillTeam Skrill Official allows Cross Site Request Forgery. This issue affects Skrill Official: from n/a through 1.0.65...
CVE-2025-28876
CVE-2025-28876 is a CSRF vulnerability affecting the Skrill Official WordPress/WooCommerce plugin (versions up to 1.0.65). The vulnerability is documented with CVSS-derived impact and is tracked across multiple sources, including Patchstack and Red Hat feeds, which indicate the issue exists in Sk...
CVE-2025-28876 WordPress Skrill Official plugin <= 1.0.66 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in SkrillTeam Skrill Official official-skrill-woocommerce allows Cross Site Request Forgery. This issue affects Skrill Official: from n/a through <= 1.0.66...
WikiDocs security vulnerability
WikiDocs is a database-free Markdown flat file Wiki engine by the individual developer Manuel Zavatta in Italy. A security vulnerability exists in WikiDocs version 1.0.65; it stems from mishandling of the KaTeX parser and can lead to stored cross-site scripting attacks...
CVE-2024-53930
CVE-2024-53930 affects WikiDocs prior to 1.0.65. A stored XSS vulnerability exists where authenticated users can inject payloads via data after $$, mishandled by the KaTeX parser. The issue, described across multiple sources, is caused by KaTeX parsing behavior and leads to stored XSS, with impac...
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
PT-2024-35978 · Katex +1 · Katex +1
Name of the Vulnerable Software and Affected Versions: WikiDocs versions prior to 1.0.65 Description: The issue concerns a stored XSS vulnerability that can be exploited by authenticated users. It occurs due to the mishandling of data by a KaTeX parser, specifically when the data comes after $$...
PT-2024-14501 · Unknown · Freescout End-User Portal
Name of the Vulnerable Software and Affected Versions: FreeScout End-User Portal module versions prior to 1.0.65 Description: The issue allows an attacker to authenticate as an arbitrary user because a session token can be sent to the "/auth" endpoint. Recommendations: For versions prior to 1.0.6...
WordPress plugin Blox Page Builder security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...