
9 matches found

NVD
added 2026/05/22 9:16 a.m. · 16 views

CVE-2026-7615

The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing or incorrect nonce validation on the savewidgetcontextsettings function. This makes it possible for unauthenticated attackers to modify widget...

4.3 CVSS · 0.00168 EPSS
Exploits 0 · References 8
RedhatCVE
added 2026/01/09 9:34 a.m. · 5 views

CVE-2024-41354

phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/admin/widgets/edit.php...

7.1 CVSS · 6.5 AI score · 0.00308 EPSS
Exploits 1 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-39715

Malicious code in bioql PyPI...

8.8 CVSS · 8.5 AI score · 0.00279 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:28 a.m. · 7 views

CVE-2024-42613

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/adminwidgets.php?action=install=akismet...

8.8 CVSS · 7.5 AI score · 0.00279 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/08/20 12:0 a.m. · 2 views

PT-2024-30066 · Pligg Cms · Pligg Cms

Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2
Description: A Cross-Site Request Forgery (CSRF) issue was found in Pligg CMS. The vulnerability can be exploited via the /admin/admin widgets.php endpoint with specific parameters: action=install and widget=akismet. Thi...

8.8 CVSS · 6.7 AI score · 0.00279 EPSS
Exploits 1 · References 7
Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-30067 · Pligg Cms · Pligg Cms

Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. It can be exploited via the /admin/admin widgets.php endpoint with specific parameters: action=remove and widget=Statistics. This...

8.8 CVSS · 6.8 AI score · 0.00279 EPSS
Exploits 1 · References 6
CNNVD
added 2024/08/20 12:0 a.m. · 4 views

Kliqqi CMS security vulnerability

Kliqqi CMS (Pligg CMS) is an open source content management system from Kliqqi. Kliqqi CMS v2.0.2 contains a cross-site request forgery vulnerability, which stems from /admin/adminwidgets.php?action=install&widget=akismet not adequately verifying that the request is from a trusted use...

8.8 CVSS · 7 AI score · 0.00279 EPSS
Exploits 1 · References 2
CNNVD
added 2024/07/26 12:0 a.m. · 2 views

phpIPAM security vulnerability

phpIPAM is an open source IP address management (IPAM) application suite from phpIPAM, based on PHP and MySQL. A security vulnerability exists in phpIPAM version 1.6, which stems from a cross-site scripting vulnerability contained in the /app/admin/widgets/edit.php file...

7.1 CVSS · 6.1 AI score · 0.00308 EPSS
Exploits 1 · References 2
Veracode
added 2020/06/04 1:57 a.m. · 26 views

Cross-site Scripting (XSS)

django is vulnerable to cross-site scripting (XSS). The vulnerability exists as the value of params, used in getcontext, in admin.widgets.py is not properly sanitized...

6.1 CVSS · 1.3 AI score · 0.02873 EPSS
Exploits 0 · References 14 · Affected Software 2