CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPoperation Ultra Companion – Companion plugin for WPoperation Themes allows Stored XSS.This issue affects Ultra Companion – Companion plugin for WPoperation Themes: from n/a through 1.1.9...

6.5CVSS6.7AI score0.00077EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:10 a.m.•5 views

CVE-2023-32118

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPoperation SALERT – Fake Sales Notification WooCommerce plugin = 1.2.1 versions...

7.1CVSS5.9AI score0.00105EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:10 a.m.•4 views

CVE-2023-32126

Missing Authorization vulnerability in WPoperation SALERT allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALERT: from n/a through 1.2.1...

4.3CVSS8.5AI score0.00125EPSS

Exploits0References1

RedhatCVE•added 2025/04/26 5:27 p.m.•4 views

CVE-2025-32921

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpoperations Arrival arrival allows PHP Local File Inclusion.This issue affects Arrival: from n/a through = 1.4.5...

7.5CVSS7.2AI score0.01026EPSS

Exploits0References1

NVD•added 2025/04/24 4:15 p.m.•6 views

CVE-2025-39387

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through = 1.4.5...

7.5CVSS0.00757EPSS

Exploits0References1

NVD•added 2025/04/24 4:15 p.m.•7 views

CVE-2025-32921

7.5CVSS0.01026EPSS

Exploits0References1

CVE•added 2025/04/24 4:8 p.m.•41 views

CVE-2025-32921

CVE-2025-32921 relates to the WordPress Arrival theme

7.5CVSS7.2AI score0.01026EPSS

Exploits0References1

CVE•added 2025/04/24 4:8 p.m.•43 views

CVE-2025-39387

CVE-2025-39387 covers a Local File Inclusion in the WordPress theme Opstore (Opstore theme). Affected product: Opstore theme, versions n/a through 1.4.5. Root cause: improper control of filename for include/require in PHP, enabling local file inclusion. Public details from CVE descriptions and Pa...

7.5CVSS7.2AI score0.00757EPSS

Exploits0References1

Positive Technologies•added 2025/04/24 12:0 a.m.•2 views

PT-2025-17751 · Unknown · Wpoperation Opstore

Name of the Vulnerable Software and Affected Versions: WPoperation Opstore versions 1.4.5 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local...

7.5CVSS7.9AI score0.00757EPSS

Exploits0References4

Positive Technologies•added 2025/04/24 12:0 a.m.•2 views

PT-2025-17740 · Unknown · Wpoperation Arrival

Name of the Vulnerable Software and Affected Versions: WPoperation Arrival versions 1.4.5 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local...

7.5CVSS7.8AI score0.01026EPSS

Exploits0References5

RedhatCVE•added 2025/04/03 3:58 p.m.•4 views

CVE-2025-31823

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through = 1.1.9...

6.5CVSS7.2AI score0.00532EPSS

Exploits0References1

NVD•added 2025/04/01 3:16 p.m.•2 views

CVE-2025-31823

6.5CVSS0.00532EPSS

Exploits0References1

Cvelist•added 2025/04/01 2:51 p.m.•11 views

CVE-2025-31823 WordPress WPoperation Elementor Addons plugin 1.1.9 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00532EPSS

Exploits0References1

CVE•added 2025/04/01 2:51 p.m.•41 views

CVE-2025-31823

CVE-2025-31823 is a stored Cross‑Site Scripting vulnerability in WPoperation Elementor Addons for WordPress. It affects WPoperation Elementor Addons up to version 1.1.9 and arises from improper input neutralization during web page generation. The CVSS v3.1 base score is 6.5 (Network attack, Low d...

6.5CVSS7.2AI score0.00532EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by