CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

Patchstack•added 6 days ago•6 views

WordPress WPComplete plugin <= 2.9.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin WPComplete versions = 2.9.5.4...

6.5CVSS5.8AI score0.00034EPSS

Exploits0Affected Software1

NVD•added 2026/05/27 11:16 a.m.•10 views

CVE-2026-42750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nexcess WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.4...

6.5CVSS0.00034EPSS

Exploits0References1

EUVD•added 2026/05/27 9:49 a.m.•4 views

EUVD-2026-32199

6.5CVSS5.8AI score0.00034EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 9:49 a.m.•3 views

CVE-2026-42750

6.5CVSS5.8AI score0.00034EPSS

Exploits0References2

CVE•added 2026/05/27 9:49 a.m.•8 views

CVE-2026-42750

CVE-2026-42750 concerns the WordPress plugin WPComplete by Nexcess. The vulnerability is a stored XSS caused by improper neutralization of input during web page generation, affecting WPComplete versions up to and including 2.9.5.4. Public references consistently describe the issue as a Stored XSS...

6.5CVSS5.8AI score0.00034EPSS

Exploits0References1

Cvelist•added 2026/05/27 9:49 a.m.•24 views

CVE-2026-42750 WordPress WPComplete plugin <= 2.9.5.4 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00034EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-43659

6.5CVSS5.8AI score0.00034EPSS

Exploits0References2

CNNVD•added 2026/05/27 12:0 a.m.•8 views

WordPress plugin WPComplete 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00034EPSS

Exploits0References1

Patchstack•added 2025/10/24 4:28 p.m.•2 views

WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WPComplete versions = 2.9.5.3...

5.3CVSS7AI score0.00058EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/10/23 3:14 p.m.•1 views

CVE-2025-49906

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS7AI score0.00058EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•3 views

EUVD-2025-35548

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS6.5AI score0.00058EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•1 views

CVE-2025-49906

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS0.00058EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•2 views

CVE-2025-49906

CVE-2025-49906 affects StellarWP WPComplete (wpcomplete) up to version 2.9.5.3. The vulnerability is due to Missing Authorization, allowing access to functionality not constrained by ACLs. Exploitation details are not provided in the documents, but multiple sources confirm the issue and recommend...

5.3CVSS6.6AI score0.00058EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•6 views

CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS0.00058EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•1 views

CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS6.6AI score0.00058EPSS

Exploits0References1

Positive Technologies•added 2025/10/22 12:0 a.m.•1 views

PT-2025-43174

Name of the Vulnerable Software and Affected Versions StellarWP WPComplete versions through 2.9.5.3 Description A missing authorization issue exists in StellarWP WPComplete. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations...

5.3CVSS6.5AI score0.00058EPSS

Exploits0References4

CNNVD•added 2025/10/22 12:0 a.m.•1 views

WordPress plugin WPComplete 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.6AI score0.00058EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-30489

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00032EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-19019

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00143EPSS

Exploits0References1