CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Cvelist•added 7 hours ago•4 views

CVE-2026-57315 WordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerability

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS

Exploits0References1

EUVD•added 7 hours ago•3 views

EUVD-2026-39728

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS5.9AI score

Exploits0References1

CVE•added 2026/06/19 4:31 a.m.•13 views

CVE-2026-12430

The CVE-2026-12430 entry concerns the Blocksy Companion WordPress plugin (

4.4CVSS5.9AI score0.00208EPSS

Exploits0References8

Cvelist•added 2026/06/19 4:31 a.m.•29 views

CVE-2026-12430 Blocksy Companion <= 2.1.45 - Authenticated (Editor+) Stored Cross-Site Scripting via 'product_description' Parameter

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...

4.4CVSS0.00208EPSS

Exploits0References8

OpenVAS•added 2019/01/11 12:0 a.m.•28 views

elFinder <= 2.1.44 Information Disclosure Vulnerability

elFinder is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:std42:elfinder";...

5.9CVSS5.9AI score0.01275EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by