CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-24746

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0021EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:30 p.m.•3 views

CVE-2022-1435

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS6.2AI score0.00225EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:17 p.m.•3 views

CVE-2022-1436

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargotrackingnumber parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks...

6.1CVSS6.1AI score0.0021EPSS

Exploits1References1

OSV•added 2022/03/14 3:15 p.m.•2 views

CVE-2021-25003

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE...

9.8CVSS5.8AI score

Exploits0References1

WPVulnDB•added 2022/02/21 12:0 a.m.•27 views

WPCargo < 6.9.0 - Unauthenticated RCE

The plugin contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE PoC import sys import binascii import requests This is a magic string that when treated as pixels and compressed using the png algorithm, will cause to be written ...

0.7AI score0.91581EPSS

Exploits3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by