CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ali Aghdam Aparat Video Shortcode aparat-shortcode allows Stored XSS.This issue affects Aparat Video Shortcode: from n/a through = 0.2.4...

6.5CVSS5.9AI score0.00047EPSS

Exploits0References1

NVD•added 2025/09/05 2:16 p.m.•2 views

CVE-2025-58876

6.5CVSS0.00047EPSS

Exploits0References1

Cvelist•added 2025/09/05 1:45 p.m.•8 views

CVE-2025-58876 WordPress Aparat Video Shortcode Plugin <= 0.2.4 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00047EPSS

Exploits0References1

Vulnrichment•added 2025/09/05 1:45 p.m.•1 views

CVE-2025-58876 WordPress Aparat Video Shortcode Plugin <= 0.2.4 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS5.9AI score0.00047EPSS

Exploits0References1

CVE•added 2025/09/05 1:45 p.m.•10 views

CVE-2025-58876

CVE-2025-58876 is a Stored XSS in the WordPress plugin “Aparat Video Shortcode”. Affected versions are up to 0.2.4 (reported as: Aparat Video Shortcode: from n/a through 0.2.4). The underlying issue is improper input neutralization during web page generation, enabling stored cross-site scripting....

6.5CVSS5.9AI score0.00047EPSS

Exploits0References1

Patchstack•added 2025/09/05 1:44 p.m.•4 views

WordPress Aparat Video Shortcode Plugin <= 0.2.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin Aparat Video Shortcode versions = 0.2.4...

6.5CVSS6AI score0.00047EPSS

Exploits0Affected Software1

Positive Technologies•added 2025/09/05 12:0 a.m.•2 views

PT-2025-36215

Name of the Vulnerable Software and Affected Versions: Aparat Video Shortcode versions through 0.2.4 Description: The Ali Aghdam Aparat Video Shortcode software contains a Stored Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the...

6.5CVSS5.8AI score0.00047EPSS

Exploits0References4

CNNVD•added 2025/09/05 12:0 a.m.•1 views

WordPress plugin Aparat Video Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.8AI score0.00047EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:3 a.m.•22 views

CVE-2024-29765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alireza Sedghi Aparat for WordPress allows Stored XSS.This issue affects Aparat for WordPress: from n/a through 2.2.0...

6.5CVSS8.6AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:42 a.m.•4 views

CVE-2023-48770

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nima Saberi Aparat allows Stored XSS.This issue affects Aparat: from n/a through 1.7.1...

6.5CVSS6.7AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/02/15 2:27 p.m.•7 views

CVE-2025-26558

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through = 1.3...

6.5CVSS7.2AI score0.00131EPSS

Exploits0References1

NVD•added 2025/02/13 2:16 p.m.•8 views

CVE-2025-26558

6.5CVSS0.00131EPSS

Exploits0References1

Vulnrichment•added 2025/02/13 1:52 p.m.•6 views

CVE-2025-26558 WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive allows DOM-Based XSS. This issue affects Aparat Responsive: from n/a through 1.3...

6.5CVSS6.5AI score0.00131EPSS

Exploits0References1

CVE•added 2025/02/13 1:52 p.m.•64 views

CVE-2025-26558

CVE-2025-26558 concerns the WordPress plugin Aparat Responsive (mkkmail Aparat Responsive). Affected: Aparat Responsive up to version 1.3. Issue: improper neutralization of input during web page generation, leading to DOM-based XSS. Impact is cross-site scripting when rendering vulnerable pages; ...

6.5CVSS7.2AI score0.00131EPSS

Exploits0References1

Patchstack•added 2025/02/13 12:47 p.m.•2 views

WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Aparat Responsive versions = 1.3...

6.5CVSS6.1AI score0.00131EPSS

Exploits0Affected Software1

CNNVD•added 2025/02/13 12:0 a.m.•1 views

WordPress plugin Aparat Responsive 跨站脚本漏洞

6.5CVSS7.6AI score0.00131EPSS

Exploits0References1

WPVulnDB•added 2024/04/01 12:0 a.m.•28 views

Aparat for WordPress < 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Aparat for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, t...

6.5CVSS5.7AI score0.00197EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by