CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6654 matches found

RedhatCVE•added 2026/01/07 9:14 a.m.•4 views

CVE-2024-2830

The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sttagcloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...

6.4CVSS5.8AI score0.00196EPSS

Exploits0References1

Vulnrichment•added 2025/12/19 12:0 a.m.•2 views

CVE-2025-67845

A Directory Traversal vulnerability in the Static Asset Proxy Endpoint in Mintlify Platform before 2025-11-15 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing path traversal sequences...

6.4CVSS6.1AI score0.00104EPSS

Exploits1References5

NVD•added 2025/11/11 4:15 a.m.•2 views

CVE-2025-11860

The Twitter Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ottwitterfeed' shortcode in all versions up to, and including, 1.3.1. This is due to the plugin not properly sanitizing user input and output of the 'width' and 'height' parameters. This makes it possible...

6.4CVSS0.00032EPSS

Exploits0References2

Cvelist•added 2025/11/08 2:28 a.m.•6 views

CVE-2025-12583 Simple Downloads List <= 1.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxneofixsdledit' AJAX endpoint along with many others in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, wi...

6.4CVSS0.00036EPSS

Exploits0References3

CNNVD•added 2025/10/28 12:0 a.m.•2 views

IPFire 安全漏洞

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the REMOTELOGADDR parameter of the...

5.4CVSS6AI score0.00024EPSS

Exploits0References4

EUVD•added 2025/10/23 9:31 p.m.•2 views

EUVD-2025-35729

Liferay Portal Self Cross-site scripting XSS vulnerability on the edit Knowledge Base article page...

2CVSS5.6AI score0.00031EPSS

Exploits0References4

CNNVD•added 2025/10/14 12:0 a.m.•2 views

Apache Geode 安全漏洞

Apache Geode is a U.S.-based Apache Foundation suite of management platforms used in distributed cloud architectures to provide real-time and consistent access to data for data-intensive applications. A security vulnerability exists in Apache Geode versions prior to 1.15.2 that originates from we...

6.1CVSS6.5AI score0.00149EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-24725

Malware in sbrugna...

5.4CVSS5.4AI score0.00178EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2007-1357

Malware in sbrugna...

4.3CVSS6.4AI score0.00427EPSS

Exploits0References6