CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/02/04 7:28 p.m.•2 views

CVE-2026-25024

Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...

5.4CVSS5.3AI score0.00029EPSS

Exploits0References1

NVD•added 2026/02/03 3:16 p.m.•5 views

CVE-2026-25024

5.4CVSS0.00029EPSS

Exploits0References1

CVE•added 2026/02/03 2:8 p.m.•7 views

CVE-2026-25024

CVE-2026-25024 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin ThirstyAffiliates (thirstyaffiliates) by Blair Williams, affecting versions up to and including 3.11.9. The Red Hat, NVD, CVE List, and related sources consistently state the issue is CSRF and affec...

5.4CVSS5.3AI score0.00029EPSS

Exploits0References1

EUVD•added 2026/02/03 2:8 p.m.•2 views

EUVD-2026-5308

5.4CVSS5.3AI score0.00029EPSS

Exploits0References1

Vulnrichment•added 2026/02/03 2:8 p.m.•2 views

CVE-2026-25024 WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability

5.4CVSS5.3AI score0.00029EPSS

Exploits0References1

ATTACKERKB•added 2026/02/03 2:8 p.m.•2 views

CVE-2026-25024

5.4CVSS5.3AI score0.00029EPSS

Exploits0References2

Patchstack•added 2026/02/02 7:53 p.m.•2 views

WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ThirstyAffiliates versions = 3.11.9...

5.4CVSS5.3AI score0.00029EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : python3.11-3.11.9-7.el8_10 (AXSA:2024-8834:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8834:23 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

8.7CVSS7.3AI score0.01127EPSS

Exploits0References4

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 9 : python3.11-3.11.9-7.el9.1 (AXSA:2024-9350:29)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9350:29 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

7.5CVSS7AI score0.03014EPSS

Exploits2References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 8 : python3.11-3.11.9-1.el8_10 (AXSA:2024-8471:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8471:15 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

7.8CVSS7.2AI score0.00153EPSS

Exploits0References3

CNNVD•added 2024/09/13 12:0 a.m.•0 views

WordPress plugin Avada 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.4CVSS5.7AI score0.00489EPSS

Exploits0References4

Positive Technologies•added 2024/09/12 12:0 a.m.•2 views

PT-2024-36778 · WordPress · Avada

Name of the Vulnerable Software and Affected Versions: Avada | Website Builder For WordPress & eCommerce plugin for WordPress versions up to, and including, 3.11.9 Description: The issue is related to Stored Cross-Site Scripting via the plugin's fusion button shortcode due to insufficient input...

6.4CVSS5.8AI score0.00489EPSS

Exploits0References8

OpenVAS•added 2024/03/20 12:0 a.m.•14 views

Python DoS Vulnerability (Mar 2024) - Mac OS X

Python is prone to a denial of service DoS vulnerability in libexpat. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.6AI score0.01552EPSS

Exploits1References5

OpenVAS•added 2023/10/31 12:0 a.m.•13 views

Moodle 3.11.x < 3.11.9, 4.0.x < 4.0.3 CSRF Vulnerability

Moodle is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle...

8.8CVSS8.7AI score0.00223EPSS

Exploits0References1