CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-29675

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00048EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-45480

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2025/09/19 2:22 a.m.•6 views

CVE-2025-9851

The Appointmind plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'appointmindcalendar' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.9AI score0.00048EPSS

Exploits0References1

CNVD•added 2025/09/19 12:0 a.m.•2 views

WordPress Appointmind plugin cross-site scripting vulnerability

WordPress Appointmind plugin is an online appointment management plugin for WordPress, mainly used to embed the online appointment scheduling feature into posts or sidebars. WordPress Appointmind plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

6.4CVSS6.1AI score0.00048EPSS

Exploits0References1

NVD•added 2025/09/17 2:15 a.m.•4 views

CVE-2025-9851

6.4CVSS0.00048EPSS

Exploits0References2

Vulnrichment•added 2025/09/17 1:49 a.m.•2 views

CVE-2025-9851 Appointmind <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS4.7AI score0.00048EPSS

Exploits0References2

Cvelist•added 2025/09/17 1:49 a.m.•7 views

CVE-2025-9851 Appointmind <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00048EPSS

Exploits0References2

CVE•added 2025/09/17 1:49 a.m.•17 views

CVE-2025-9851

CVE-2025-9851 affects the WordPress Appointmind plugin. The vulnerability is a Stored Cross‑Site Scripting via the appointmind_calendar shortcode in all versions up to 4.1.0, caused by insufficient input sanitization and output escaping on user-supplied attributes. Authenticated attackers with co...

6.4CVSS4.7AI score0.00048EPSS

Exploits0References2

CNNVD•added 2025/09/17 12:0 a.m.•1 views

WordPress plugin Appointmind 跨站脚本漏洞

6.4CVSS6AI score0.00048EPSS

Exploits0References2

Positive Technologies•added 2025/09/17 12:0 a.m.•1 views

PT-2025-38103

Name of the Vulnerable Software and Affected Versions: Appointmind plugin for WordPress versions up to and including 4.1.0 Description: The Appointmind plugin for WordPress is susceptible to Stored Cross-Site Scripting through the appointmind calendar shortcode. Insufficient input sanitization an...

6.4CVSS5AI score0.00048EPSS

Exploits0References6

Patchstack•added 2025/09/16 10:28 p.m.•4 views

WordPress Appointmind plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Appointmind versions = 4.1.0...

6.4CVSS5.5AI score0.00048EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/02/05 3:15 a.m.•3 views

CVE-2024-51679

Cross-Site Request Forgery CSRF vulnerability in gentlesource Appointmind appointmind allows Stored XSS.This issue affects Appointmind: from n/a through = 4.0.0...

7.1CVSS5.9AI score0.00165EPSS

Exploits0References1

NVD•added 2024/11/14 10:15 p.m.•14 views

CVE-2024-51679

Cross-Site Request Forgery CSRF vulnerability in gentlesource Appointmind appointmind allows Stored XSS.This issue affects Appointmind: from n/a through = 4.0.0...

7.1CVSS0.00165EPSS

Exploits0References1

OSV•added 2024/11/14 10:15 p.m.•0 views

CVE-2024-51679

Cross-Site Request Forgery CSRF vulnerability in GentleSource Appointmind allows Stored XSS.This issue affects Appointmind: from n/a through 4.0.0...

6.1CVSS5.8AI score

Exploits0References1

Cvelist•added 2024/11/14 9:34 p.m.•17 views

CVE-2024-51679 WordPress Appointmind plugin <= 4.0.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in gentlesource Appointmind appointmind allows Stored XSS.This issue affects Appointmind: from n/a through = 4.0.0...

7.1CVSS0.00165EPSS

Exploits0References1

CVE•added 2024/11/14 9:34 p.m.•48 views

CVE-2024-51679

CVE-2024-51679: WordPress Appointmind plugin

7.1CVSS5.9AI score0.00165EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/11/14 9:34 p.m.•9 views

CVE-2024-51679 WordPress Appointmind plugin <= 4.0.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in gentlesource Appointmind appointmind allows Stored XSS.This issue affects Appointmind: from n/a through = 4.0.0...

7.1CVSS5.9AI score0.00165EPSS

Exploits0References1

CNNVD•added 2024/11/14 12:0 a.m.•1 views

WordPress plugin Appointmind 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS6.5AI score0.00165EPSS

Exploits0References1

Patchstack•added 2024/11/01 1:3 p.m.•2 views

WordPress Appointmind plugin <= 4.0.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Appointmind versions = 4.0.0...

7.1CVSS6.2AI score0.00165EPSS

Exploits0Affected Software1

Patchstack•added 2024/11/01 12:0 a.m.•8 views

WordPress Appointmind Plugin <= 4.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Appointmind Type Plugin Vulnerable versions = 4.0.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51679 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 55eaeba7d578 Credits SOPROBRO Required...

7.1CVSS7AI score0.00165EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by