CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

250 matches found

Positive Technologies•added 2025/12/01 12:0 a.m.•1 views

PT-2025-48555

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an...

8.8CVSS6.9AI score0.00062EPSS

Exploits0References3

Positive Technologies•added 2025/12/01 12:0 a.m.•2 views

PT-2025-48571

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.11.0-beta.1 Description The Grav admin plugin, an HTML user interface for configuring Grav and managing pages, contains a Stored Cross-Site Scripting XSS issue. The vulnerability exists in the...

6.2CVSS5.1AI score0.00024EPSS

Exploits1References6

Positive Technologies•added 2025/12/01 12:0 a.m.•5 views

PT-2025-48566

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.8.0-beta.27 Grav versions prior to 1.11.0-beta.1 Description The Grav admin plugin, a user interface for configuring Grav, contains a flaw in its "Forgot Password" functionality. Specifically, the functionality at the...

6.5CVSS6.4AI score0.00059EPSS

Exploits1References8

Positive Technologies•added 2025/12/01 12:0 a.m.•3 views

PT-2025-48568

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.11.0-beta.1 Description The Grav admin plugin, an HTML user interface for configuring Grav and managing pages, contains a Reflected Cross-Site Scripting XSS issue. An attacker can inject malicious scripts through the...

6.2CVSS5.7AI score0.00032EPSS

Exploits1References7

Positive Technologies•added 2025/12/01 12:0 a.m.•3 views

PT-2025-48570

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting XSS vulnerability was identified in the /admin/pages/page endpoint of the Grav application. This...

6.2CVSS5.2AI score0.00024EPSS

Exploits1References3

Positive Technologies•added 2025/12/01 12:0 a.m.•3 views

PT-2025-48569

6.2CVSS5.1AI score0.00024EPSS

Exploits1References7

GithubExploit•added 2025/11/06 3:5 p.m.•122 views

operation-log

oper...

5.8AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2013-1502

Malware in sbrugna...

4.3CVSS6.1AI score0.08713EPSS

Exploits5References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-13793

Malware in sbrugna...

6.5CVSS6.5AI score0.00284EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-16063

Malware in sbrugna...

7.2CVSS7AI score0.00723EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-13508

Malware in sbrugna...

8.8CVSS8.8AI score0.00092EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-11493

Malware in sbrugna...

8.8CVSS8.4AI score0.01738EPSS

Exploits5References2

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2023-28058

Malicious code in bioql PyPI...

5.9CVSS5.3AI score0.00207EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-3913

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00344EPSS

Exploits0References10

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-32303

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00721EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-38145

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00105EPSS

Exploits0References1

Patchstack•added 2025/09/22 7:38 p.m.•4 views

WordPress WP Frontend Admin plugin <= 1.22.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Frontend Admin versions = 1.22.7...

6.5CVSS5.9AI score0.00042EPSS

Exploits0Affected Software1

Vulnrichment•added 2025/09/22 6:25 p.m.•0 views

CVE-2025-57898 WordPress WP Frontend Admin Plugin <= 1.22.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jose Vega WP Frontend Admin allows Stored XSS. This issue affects WP Frontend Admin: from n/a through 1.22.6...

6.5CVSS5.6AI score0.00042EPSS

Exploits0References1

Cvelist•added 2025/09/09 4:25 p.m.•9 views

CVE-2025-39553 WordPress Church Admin plugin <= 5.0.9 - Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 5.0.9...

4.3CVSS0.00058EPSS

Exploits0References1

Vulnrichment•added 2025/09/05 1:45 p.m.•4 views

CVE-2025-58865 WordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in reimund Compact Admin compact-admin allows Cross Site Request Forgery.This issue affects Compact Admin: from n/a through = 1.3.3...

4.3CVSS5.9AI score0.00026EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by