CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

CVE-2026-6404

The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'anomifyapikey' parameter in versions up to and including 0.3.6. This is due to insufficient input sanitization and missing output escaping: the plugin applies sanitizetextfie...

4.4CVSS5.7AI score0.00044EPSS

Exploits0References1

NVD•added 2026/05/20 2:16 a.m.•6 views

CVE-2026-6404

4.4CVSS0.00044EPSS

Exploits0References7

Vulnrichment•added 2026/05/20 1:25 a.m.•3 views

CVE-2026-6404 Anomify AI <= 0.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'anomify_api_key' Parameter

4.4CVSS6AI score0.00044EPSS

Exploits0References7

ATTACKERKB•added 2026/05/20 1:25 a.m.•3 views

CVE-2026-6404

4.4CVSS6AI score0.00044EPSS

Exploits0References8

Cvelist•added 2026/05/20 1:25 a.m.•38 views

CVE-2026-6404 Anomify AI <= 0.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'anomify_api_key' Parameter

4.4CVSS0.00044EPSS

Exploits0References7

CVE•added 2026/05/20 1:25 a.m.•8 views

CVE-2026-6404

The CVE-2026-6404 case concerns the WordPress plugin Anomify AI – Anomaly Detection and Alerting (versions ≤ 0.3.6). The vulnerability is Stored Cross-Site Scripting (XSS) exploited via the anomify_api_key parameter. The root cause is inadequate input sanitization and missing output escaping: san...

4.4CVSS6AI score0.00044EPSS

Exploits0References7

Positive Technologies•added 2026/05/20 12:0 a.m.•6 views

PT-2026-42066

Name of the Vulnerable Software and Affected Versions Anomify AI – Anomaly Detection and Alerting plugin for WordPress versions prior to 0.3.7 Description The plugin is subject to Stored Cross-Site Scripting, a condition where malicious scripts are permanently stored on the target server. The iss...

4.4CVSS6AI score0.00044EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by