CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2026/04/27 11:16 p.m.•2 views

CVE-2026-40971

When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...

9.1CVSS0.00062EPSS

Exploits0References1

Vulnrichment•added 2026/04/27 10:45 p.m.•1 views

CVE-2026-40971

5CVSS5.2AI score0.00062EPSS

Exploits0References1

Snyk•added 2026/04/23 12:0 a.m.•8 views

Improper Validation of Certificate with Host Mismatch

Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch when using an SSL bundle. This effectively weakens TLS by allowing connections without verifying the server identity classic MITM risk. Remediation Upgrade...

9.2CVSS5.4AI score0.00062EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 5:58 a.m.•2 views

CVE-2023-31071

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.14 versions...

7.1CVSS5.8AI score0.00104EPSS

Exploits0References1

RedhatCVE•added 2025/05/02 5:34 p.m.•7 views

CVE-2025-39413

Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap simple-sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through = 3.6.0...

8.8CVSS7.2AI score0.00235EPSS

Exploits0References1

OSV•added 2025/04/30 6:15 p.m.•2 views

CVE-2025-39413

Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through 3.5.14...

8.8CVSS5.8AI score0.00235EPSS

Exploits0References1

CNNVD•added 2024/10/11 12:0 a.m.•2 views

WordPress plugin PublishPress Revisions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

6.1CVSS5.8AI score0.01684EPSS

Exploits0References5

Positive Technologies•added 2024/10/11 12:0 a.m.•3 views

PT-2024-39631 · WordPress · Publishpress Revisions

Name of the Vulnerable Software and Affected Versions: PublishPress Revisions plugin versions up to, and including, 3.5.14 Description: The issue is related to Reflected Cross-Site Scripting, which occurs due to the use of add query arg without proper escaping on the URL. This allows...

6.1CVSS7AI score0.01684EPSS

Exploits0References6

OSV•added 2023/08/17 9:15 a.m.•1 views

CVE-2023-31071

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.14 versions...

6.1CVSS7.3AI score0.00104EPSS

Exploits0References1

OSV•added 2020/12/08 1:15 a.m.•1 views

UBUNTU-CVE-2020-25628

The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14...

6.1CVSS6.8AI score0.00249EPSS

Exploits0References4

Positive Technologies•added 2020/10/15 12:0 a.m.•6 views

PT-2020-16138 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.5 through 3.5.13 Moodle versions 3.7 through 3.7.7 Moodle versions 3.8 through 3.8.4 Moodle versions 3.9 through 3.9.1 Description: A vulnerability was found in Moodle where users with Log in as capability in a course contex...

9.8CVSS6.1AI score0.39399EPSS

Exploits19References102