CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting

The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'queryString' parameter in the REST API endpoint /ywcas/v1/register in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. id: CVE-2024-4455 info...

7.2CVSS5.4AI score0.06551EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 9:24 a.m.•8 views

CVE-2023-40602

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49...

6.1CVSS7.1AI score0.00114EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-45160

Malicious code in bioql PyPI...

6.1CVSS7.1AI score0.00114EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-56378

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00043EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-35145

Malicious code in bioql PyPI...

4.3CVSS9.2AI score0.0013EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:5 a.m.•1 views

CVE-2023-30783

Missing Authorization vulnerability in YummyWP Smart WooCommerce Search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WooCommerce Search: from n/a through 2.5.0...

4.3CVSS8.6AI score0.0013EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:17 a.m.•4 views

CVE-2023-51678

Cross-Site Request Forgery CSRF vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33...

6.5CVSS7.1AI score0.00043EPSS

Exploits0References1

ATTACKERKB•added 2024/12/09 1:15 p.m.•3 views

CVE-2023-30783

Missing Authorization vulnerability in YummyWP Smart WooCommerce Search smart-woocommerce-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WooCommerce Search: from n/a through = 2.5.0...

4.3CVSS5.8AI score0.0013EPSS

Exploits0References3

NVD•added 2024/12/09 1:15 p.m.•4 views

CVE-2023-30783

4.3CVSS0.0013EPSS

Exploits0References1

Vulnrichment•added 2024/12/09 11:31 a.m.•4 views

CVE-2023-30783 WordPress Smart WooCommerce Search plugin <= 2.5.0 - Broken Access Control

4.3CVSS6.9AI score0.0013EPSS

Exploits0References1

CVE•added 2024/12/09 11:31 a.m.•37 views

CVE-2023-30783

CVE-2023-30783 affects the Smart WooCommerce Search plugin for WordPress (

4.3CVSS8.6AI score0.0013EPSS

Exploits0References1

CNNVD•added 2024/12/09 12:0 a.m.•1 views

WordPress plugin Smart WooCommerce Search 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

4.3CVSS8.6AI score0.0013EPSS

Exploits0References1

OSV•added 2024/05/24 11:15 a.m.•3 views

CVE-2024-4455

The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘item’ parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6AI score

Exploits0References3

OSV•added 2024/01/05 10:15 a.m.•1 views

CVE-2023-51678

Cross-Site Request Forgery CSRF vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33...

6.5CVSS7.3AI score0.00043EPSS

Exploits0References1

Cvelist•added 2024/01/05 10:0 a.m.•16 views

CVE-2023-51678 WordPress Doofinder for WooCommerce Plugin <= 2.0.33 is vulnerable to Broken Access Control

Cross-Site Request Forgery CSRF vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33...

4.3CVSS6.7AI score0.00043EPSS

Exploits0References1

OSV•added 2023/12/19 8:15 p.m.•0 views

CVE-2023-40602

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49...

6.1CVSS7.3AI score

Exploits0References1

CVE•added 2023/12/19 7:54 p.m.•37 views

CVE-2023-40602

CVE-2023-40602 affects Doofinder WP & WooCommerce Search plugin (versions

6.1CVSS7.1AI score0.00114EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/12/19 12:0 a.m.•1 views

PT-2023-27533 · WordPress · Doofinder Wp & Woocommerce Search

Name of the Vulnerable Software and Affected Versions: Doofinder WP & WooCommerce Search versions 1.5.49 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability affects Doofinder WP & WooCommerce...

6.1CVSS6.5AI score0.00114EPSS

Exploits0References7

OSV•added 2023/12/15 3:15 p.m.•0 views

CVE-2023-49185

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Doofinder Doofinder WP & WooCommerce Search allows Reflected XSS.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.1.7...

6.1CVSS7.3AI score

Exploits0References1

CVE•added 2023/12/15 2:59 p.m.•39 views

CVE-2023-49185

CVE-2023-49185 : Doofinder for WooCommerce (WordPress) is vulnerable to reflected XSS due to improper input neutralization during web page generation. Affected: Doofinder WP & WooCommerce Search plugin versions

7.1CVSS7.1AI score0.00193EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by