CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2147 matches found

NVD•added 2025/08/20 8:15 a.m.•4 views

CVE-2025-49422

Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through = 1.9...

9.8CVSS0.00095EPSS

Exploits0References1

Vulnrichment•added 2025/08/20 8:3 a.m.•4 views

CVE-2025-49422 WordPress iframe Wrapper plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aelora iframe Wrapper allows DOM-Based XSS. This issue affects iframe Wrapper: from n/a through 0.1.1...

6.5CVSS6.6AI score0.00095EPSS

Exploits0References1

CVE•added 2025/08/20 8:3 a.m.•16 views

CVE-2025-49422

CVE-2025-49422 is a Privilege Escalation vulnerability in the WordPress plugin Support Ticket (Themepassion). The issue is described as an Incorrect Privilege Assignment that could allow escalation to higher-privilege actions in the affected plugin versions, specifically

9.8CVSS5.9AI score0.00095EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•12 views

CVE-2025-49422 WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through = 1.9...

9.8CVSS0.00095EPSS

Exploits0References1

CNNVD•added 2025/08/20 12:0 a.m.•2 views

WordPress plugin iframe Wrapper 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS5.8AI score0.00095EPSS

Exploits0References2

Tenable Nessus•added 2025/08/20 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2018-17187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl...' methods. Unless a verification mo...

7.4CVSS7.2AI score0.00245EPSS

Exploits0References2

Positive Technologies•added 2025/08/20 12:0 a.m.•6 views

PT-2025-33950 · Unknown · Aelora Iframe Wrapper

Name of the Vulnerable Software and Affected Versions: Aelora iframe Wrapper versions n/a through 0.1.1 Description: Aelora iframe Wrapper is susceptible to a DOM-Based Cross-Site Scripting issue due to improper neutralization of input during web page generation. Recommendations: Update Aelora...

6.5CVSS6AI score0.00095EPSS

Exploits0References3

Patchstack•added 2025/08/18 5:12 p.m.•8 views

WordPress iframe Wrapper plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin iframe Wrapper versions = 0.1.1...

6.5CVSS5.8AI score0.00095EPSS

Exploits0Affected Software1

Akamai Blog•added 2025/08/18 10:20 a.m.•3 views

How Cloud Wrapper Evolved to Optimize Small-Object Caching

Learn how Akamai's Cloud Wrapper evolved to optimize small-object caching, reduce egress costs, and boost SEO rankings for web and media assets...

7AI score

Exploits0

Tenable Nessus•added 2025/08/15 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2019-6339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar...

9.8CVSS8.3AI score0.76091EPSS

Exploits0References2