CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF vulnerability in Aftab Husain Hide Admin Bar From Front End hide-admin-bar-from-front-end allows Cross Site Request Forgery.This issue affects Hide Admin Bar From Front End: from n/a through = 1.0.0...

4.3CVSS5.9AI score0.00084EPSS

Exploits0References1

NVD•added 2025/06/27 2:15 p.m.•2 views

CVE-2025-53267

4.3CVSS0.00084EPSS

Exploits0References1

Positive Technologies•added 2025/06/27 12:0 a.m.•0 views

PT-2025-27174 · Unknown · Hide Admin Bar From Front End

Name of the Vulnerable Software and Affected Versions: Hide Admin Bar From Front End versions 1.0.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where a...

4.3CVSS6.6AI score0.00084EPSS

Exploits0References3

CNNVD•added 2025/06/27 12:0 a.m.•1 views

WordPress plugin Hide Admin Bar From Front End 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress...

4.3CVSS6.4AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:1 a.m.•0 views

CVE-2024-3611

The Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tbex-version' shortcode in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS6AI score0.0031EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:23 a.m.•2 views

CVE-2024-1716

The Admin Bar Remover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateform function in all versions up to, and including, 1.0.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

4.3CVSS6.5AI score0.00132EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:9 a.m.•6 views

CVE-2023-47184

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...

5.9CVSS5.8AI score0.00068EPSS

Exploits2References1

RedhatCVE•added 2025/04/27 7:0 a.m.•11 views

CVE-2025-3868

The Custom Admin-Bar Favorites plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'menuObject' parameter in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6.4AI score0.00299EPSS

Exploits0References1

Cvelist•added 2025/04/25 6:45 a.m.•15 views

CVE-2025-3868 Custom Admin-Bar Favorites <= 0.1 - Reflected Cross-Site Scripting

6.1CVSS0.00299EPSS

Exploits0References3

Vulnrichment•added 2025/04/25 6:45 a.m.•4 views

CVE-2025-3868 Custom Admin-Bar Favorites <= 0.1 - Reflected Cross-Site Scripting

6.1CVSS6.5AI score0.00299EPSS

Exploits0References3

CVE•added 2025/04/25 6:45 a.m.•60 views

CVE-2025-3868

The CVE CVE-2025-3868 affects the WordPress plugin Custom Admin-Bar Favorites (versions up to 0.1). It is a Reflected Cross-Site Scripting vulnerability via the menuObject parameter caused by insufficient input sanitization/output escaping. Impact: unauthenticated attackers can inject scripts in ...

6.1CVSS6AI score0.00299EPSS

Exploits0References3

CNNVD•added 2025/04/25 12:0 a.m.•1 views

WordPress plugin Custom Admin-Bar Favorites 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

6.1CVSS6.1AI score0.00299EPSS

Exploits0References5

NVD•added 2025/03/24 2:15 p.m.•4 views

CVE-2025-30552

Cross-Site Request Forgery CSRF vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through = 3.3.5...

7.1CVSS0.0016EPSS

Exploits0References1

Cvelist•added 2025/03/24 1:46 p.m.•16 views

CVE-2025-30552 WordPress WordPress Admin Bar Improved plugin <= 3.3.5 - CSRF to Stored XSS vulnerability

7.1CVSS0.0016EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by