CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

CVE-2026-42684

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1...

9.3CVSS0.0003EPSS

Exploits0References1

NVD•added 2 days ago•7 views

CVE-2026-42685

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS0.00033EPSS

Exploits0References1

EUVD•added 2 days ago•4 views

EUVD-2026-33909

9.3CVSS5.8AI score0.0003EPSS

Exploits0References1

Patchstack•added 2025/11/29 2:41 p.m.•2 views

WordPress Notification for Telegram plugin <= 3.4.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ahmad in WordPress Plugin Notification for Telegram versions = 3.4.7...

4.3CVSS7AI score0.00041EPSS

Exploits0Affected Software1

EUVD•added 2025/11/12 6:0 p.m.•1 views

EUVD-2025-146120

Malicious code in ahmad-basikal npm...

6.6AI score

Exploits0

RedhatCVE•added 2025/10/23 3:14 p.m.•2 views

CVE-2025-49948

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a through = 2.5.4...

7.1CVSS6.4AI score0.00012EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-30317

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00107EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-43467

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00206EPSS

Exploits0References1

Patchstack•added 2025/06/12 4:28 p.m.•13 views

WordPress Majestic Support plugin <= 1.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani in WordPress Plugin Majestic Support versions = 1.1.0...

5.3CVSS6.8AI score0.00057EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/23 10:28 a.m.•2 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS6.8AI score0.00156EPSS

Exploits0

RedhatCVE•added 2025/05/23 10:16 a.m.•4 views

CVE-2024-32515

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

5.4CVSS5.2AI score0.00107EPSS

Exploits0References1

Patchstack•added 2025/05/19 4:32 p.m.•4 views

WordPress WP Job Portal plugin <= 2.3.2 - Insecure Direct Object References (IDOR) Vulnerability

Insecure Direct Object References IDOR Vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Job Portal versions = 2.3.2...

5.3CVSS6.7AI score0.00075EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/02/05 6:10 a.m.•2 views

CVE-2024-49604

Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through = 6.7...

9.8CVSS5.9AI score0.00206EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 10:22 p.m.•2 views

CVE-2024-53810

Missing Authorization vulnerability in N-Media Simple User Registration wp-registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through = 5.5...

9.1CVSS7.2AI score0.00247EPSS

Exploits0References1

Patchstack•added 2025/01/24 11:47 a.m.•2 views

WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability

SQL Injection vulnerability discovered by AHMAD SOPYAN in WordPress Plugin RSVP and Event Management versions = 2.7.14...

7.6CVSS8.1AI score0.00058EPSS

Exploits0Affected Software1

Patchstack•added 2024/11/11 12:0 a.m.•8 views

WordPress WP Job Portal Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Job Portal Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52389 Patch priority Medium CVSS severity Medium 6.5 Developer Ahmad PSID 3e42293c0184 Credits casol Required privilege Subscriber Publishe...

6.5CVSS6.5AI score0.00211EPSS

Exploits0References2Affected Software1

NVD•added 2024/10/20 8:15 a.m.•15 views

CVE-2024-49604

9.8CVSS0.00206EPSS

Exploits0References1

CVE•added 2024/10/20 7:56 a.m.•43 views

CVE-2024-49604

CVE-2024-49604 targets WordPress plugin Simple User Registration (versions n/a–5.5). The issue is an Authentication Bypass via an alternate path or channel, enabling account takeovers as described in multiple sources. Public records list the vulnerability with a critical impact (base score up to ...

9.8CVSS5.9AI score0.00206EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/10/20 12:0 a.m.•1 views

PT-2024-33559 · Unknown · Najeeb Ahmad Simple User Registration

Name of the Vulnerable Software and Affected Versions: Najeeb Ahmad Simple User Registration versions n/a through 5.5 Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel vulnerability. This vulnerability allows for authentication bypass, potentially...

9.8CVSS7.2AI score0.00206EPSS

Exploits0References8

Patchstack•added 2024/08/27 5:39 a.m.•2 views

WordPress Reviews Feed plugin <= 1.1.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Sajjad Ahmad jacksparrow in WordPress Plugin Reviews Feed versions = 1.1.2...

4.3CVSS7AI score0.00123EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by