CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

CVE•added 2025/12/18 7:22 a.m.•6 views

CVE-2025-60068

CVE-2025-60068 is a WordPress plugin vulnerability in Javo Core (WordPress plugin) that allows arbitrary code execution due to improper control over code generation (code injection). Affected version range: Javo Core up to

6.5CVSS6.6AI score0.00194EPSS

Exploits0References1

Positive Technologies•added 2025/12/18 12:0 a.m.•3 views

PT-2025-52129

Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...

7AI score0.00194EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30650

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00258EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-31289

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00179EPSS

Exploits0References2

RedhatCVE•added 2025/09/27 8:44 a.m.•3 views

CVE-2025-60111

Cross-Site Request Forgery CSRF vulnerability in javothemes Javo Core javo-core allows Authentication Bypass.This issue affects Javo Core: from n/a through = 3.0.0.266...

8.8CVSS5.9AI score0.00179EPSS

Exploits0References1

CVE•added 2025/09/26 8:31 a.m.•10 views

CVE-2025-60111

CVE-2025-60111 is a CSRF vulnerability in the Javo Core WordPress plugin (Javo Core) that affects versions from 1.0.0? through 3.0.0.266, enabling Authentication Bypass as described in the initial document. Connected sources corroborate CSRF activity in Javo Core (<= 3.0.0.266) but do not prov...

8.8CVSS5.9AI score0.00179EPSS

Exploits0References1

Vulnrichment•added 2025/09/26 8:31 a.m.•1 views

CVE-2025-60111 WordPress Javo Core Plugin <= 3.0.0.266 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in javothemes Javo Core javo-core allows Authentication Bypass.This issue affects Javo Core: from n/a through = 3.0.0.266...

8.8CVSS5.2AI score0.00179EPSS

Exploits0References1

Cvelist•added 2025/09/26 8:31 a.m.•9 views

CVE-2025-60111 WordPress Javo Core Plugin <= 3.0.0.266 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in javothemes Javo Core javo-core allows Authentication Bypass.This issue affects Javo Core: from n/a through = 3.0.0.266...

8.8CVSS0.00179EPSS

Exploits0References1

CNNVD•added 2025/09/26 12:0 a.m.•1 views

WordPress plugin Javo Core 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

8.8CVSS6.6AI score0.00179EPSS

Exploits0References1

Positive Technologies•added 2025/09/26 12:0 a.m.•3 views

PT-2025-39558

Name of the Vulnerable Software and Affected Versions Javothemes Javo Core versions through 3.0.0.266 Description A Cross-Site Request Forgery CSRF issue exists in Javothemes Javo Core, potentially allowing Authentication Bypass. This occurs due to insufficient validation of requests, which could...

8.8CVSS6.4AI score0.00179EPSS

Exploits0References4

NVD•added 2025/09/22 7:16 p.m.•3 views

CVE-2025-58003

Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through = 3.0.0.266...

5.3CVSS0.00258EPSS

Exploits0References1