CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/28 7:43 a.m.•22 views

CVE-2026-8689 Visualizer: Tables and Charts Manager for WordPress <= 3.11.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Chart Creation and Modification via renderChartPages() and uploadData() Functions

4.3CVSS0.00034EPSS

Vulnrichment•added 2026/05/28 7:43 a.m.•2 views

EUVD•added 2026/05/28 7:43 a.m.•7 views

EUVD-2026-32746

ATTACKERKB•added 2026/05/28 7:43 a.m.•6 views

CVE-2026-8689

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

Exploits0References9

PT-2026-44219

Cvelist•added 2026/05/20 12:54 p.m.•34 views

Exploits0References9

CVE-2026-24573 WordPress Visualizer plugin < 4.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Visualizer allows Stored XSS. This issue affects Visualizer: from n/a before 4.0.0...

6.5CVSS0.00034EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:31 a.m.•5 views

CVE-2019-16932

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data...

10CVSS6.9AI score0.80844EPSS

Exploits2References1

Vulnrichment•added 2025/12/12 3:20 a.m.•1 views

CVE-2025-13961 Data Visualizer <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'visualize' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS4.7AI score0.00031EPSS

Exploits0References3

EUVD•added 2025/12/02 9:30 a.m.•4 views

EUVD-2025-200201

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'query' parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

6.5CVSS6.1AI score0.00031EPSS

Exploits0References5

NVD•added 2025/12/02 7:15 a.m.•3 views

CVE-2025-12483

6.5CVSS0.00031EPSS

Vulnrichment•added 2025/12/02 6:40 a.m.•4 views

CVE-2025-12483 Visualizer: Tables and Charts Manager for WordPress <= 3.11.12 - Authenticated (Contributor+) SQL Injection

6.5CVSS6.1AI score0.00031EPSS

CVE•added 2025/12/02 6:40 a.m.•7 views

CVE-2025-12483

The vulnerability CVE-2025-12483 affects the Visualizer: Tables and Charts Manager for WordPress plugin. It is an authenticated SQL Injection via the query parameter in all versions up to 3.11.12, due to insufficient escaping and query preparation, enabling attackers with Contributor-level access...

6.5CVSS6.1AI score0.00031EPSS

Cvelist•added 2025/12/02 6:40 a.m.•4 views

CVE-2025-12483 Visualizer: Tables and Charts Manager for WordPress <= 3.11.12 - Authenticated (Contributor+) SQL Injection

6.5CVSS0.00031EPSS