CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

888 matches found

RedhatCVE•added 2025/05/23 5:18 a.m.•2 views

CVE-2023-30786

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Benjamin Guy Captcha Them All plugin = 1.3.3 versions...

5.9CVSS5.2AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:13 a.m.•10 views

CVE-2023-41859

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin = 1.2 versions...

5.9CVSS5.6AI score0.00316EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:11 a.m.•10 views

CVE-2023-23710

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

5.9CVSS5.6AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:2 a.m.•6 views

CVE-2023-27617

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David F. Carr RSVPMaker plugin = 10.6.6 versions...

5.9CVSS5.6AI score0.0031EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:50 a.m.•5 views

CVE-2023-28496

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...

5.9CVSS5.6AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:50 a.m.•4 views

CVE-2023-28692

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.3 versions...

5.9CVSS5.6AI score0.00402EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 4:36 a.m.•4 views

CVE-2023-35092

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abhay Yadav Breadcrumb simple plugin = 1.3 versions...

5.9CVSS5.6AI score0.00379EPSS

Exploits1

RedhatCVE•added 2025/05/23 2:35 a.m.•4 views

CVE-2023-23794

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss Semalt Blocker plugin = 1.1.3 versions...

5.9CVSS6.2AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:14 a.m.•4 views

CVE-2023-25485

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Bernhard Kux JSON Content Importer plugin = 1.3.15 versions...

5.9CVSS5.2AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:36 a.m.•47 views

CVE-2022-33961

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WaspThemes Visual CSS Style Editor plugin = 7.5.8 versions...

4.8CVSS5.6AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:8 p.m.•7 views

CVE-2021-45334

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection...

9.8CVSS7.9AI score0.02761EPSS

Exploits1

RedhatCVE•added 2025/05/22 8:59 p.m.•3 views

CVE-2021-20851

Cross-site request forgery CSRF vulnerability in Browser and Operating System Finder versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of an administrator via unspecified vectors...

8.8CVSS7.2AI score0.00759EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:58 p.m.•2 views

CVE-2021-20647

Cross-site request forgery CSRF vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started...

6.5CVSS7.4AI score0.00497EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:8 p.m.•7 views

CVE-2021-20783

Cross-site request forgery CSRF vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page...

8.8CVSS7.3AI score0.00551EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:28 p.m.•6 views

CVE-2020-28071

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting XSS in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS...

4.8CVSS5.4AI score0.00642EPSS

Exploits2

RedhatCVE•added 2025/05/22 3:10 p.m.•4 views

CVE-2020-14054

SOKKIA GNR5 Vanguard WEB version 1.2 build: 91f2b2c3a04d203d79862f87e2440cb7cefc3cd3 and hardware version 212 allows remote attackers to bypass admin authentication via a SQL injection attack that uses the User Name or Password field on the login page...

9.8CVSS8.3AI score0.01411EPSS

Exploits0

RedhatCVE•added 2025/05/22 10:30 a.m.•6 views

CVE-2019-5971

Cross-site request forgery CSRF vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.5AI score0.01042EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:55 a.m.•6 views

CVE-2011-5078

The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...

6.5CVSS6.9AI score0.01117EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:33 a.m.•3 views

CVE-2019-5980

Cross-site request forgery CSRF vulnerability in Related YouTube Videos versions prior to 1.9.9 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.3AI score0.01017EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:50 a.m.•4 views

CVE-2016-1000028

Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. Tenable ID 5198...

4.8CVSS6.4AI score0.00858EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by