CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

398 matches found

Vulnrichment•added 2025/03/08 2:24 a.m.•8 views

CVE-2024-13895 Code Snippets CPT <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

4.3CVSS7.7AI score0.00258EPSS

Exploits0References2

RedhatCVE•added 2025/03/07 9:42 a.m.•7 views

CVE-2024-13815

The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

6.5CVSS7.8AI score0.00344EPSS

Exploits0References1

NVD•added 2025/03/05 10:15 a.m.•3 views

CVE-2024-13815

6.5CVSS0.00344EPSS

Exploits0References2

Vulnrichment•added 2025/03/05 9:21 a.m.•8 views

CVE-2024-13815 Listingo - Business Listing and Directory WordPress Theme <= 3.2.7 - Unauthenticated Arbitrary Shortcode Execution

6.5CVSS7.9AI score0.00344EPSS

Exploits0References2

RedhatCVE•added 2025/03/03 8:20 a.m.•5 views

CVE-2024-13806

The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

6.5CVSS7.5AI score0.00344EPSS

Exploits0References1

NVD•added 2025/03/01 8:15 a.m.•7 views

CVE-2024-13806

6.5CVSS0.00344EPSS

Exploits0References2

CVE•added 2025/03/01 7:24 a.m.•50 views

CVE-2024-13806

CVE-2024-13806 – The Authors List plugin for WordPress (versions

6.5CVSS7.7AI score0.00344EPSS

Exploits0References2

Vulnrichment•added 2025/03/01 7:24 a.m.•8 views

CVE-2024-13806 Authors List <= 2.0.6 - Unauthenticated Arbitrary Shortcode Execution

6.5CVSS6.8AI score0.00344EPSS

Exploits0References2

RedhatCVE•added 2025/02/24 4:24 a.m.•29 views

CVE-2025-1509

The The Show Me The Cookies plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

9.8CVSS7.5AI score0.00563EPSS

Exploits0References1

RedhatCVE•added 2025/02/24 4:24 a.m.•22 views

CVE-2025-1510

The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...

9.8CVSS7.5AI score0.00583EPSS

Exploits0References1

RedhatCVE•added 2025/02/22 9:30 a.m.•4 views

CVE-2024-13792

The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcod...

9.8CVSS7.6AI score0.00502EPSS

Exploits0References1

NVD•added 2025/02/22 4:15 a.m.•6 views

CVE-2025-1510

9.8CVSS0.00583EPSS

Exploits0References2

NVD•added 2025/02/22 4:15 a.m.•9 views

CVE-2025-1509

9.8CVSS0.00563EPSS

Exploits0References2

CVE•added 2025/02/22 3:21 a.m.•149 views

CVE-2025-1510

CVE-2025-1510 affects the Custom Post Type Date Archives plugin for WordPress (

9.8CVSS7.4AI score0.00583EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/02/22 3:21 a.m.•8 views

CVE-2025-1510 Custom Post Type Date Archives <= 2.7.1 - Missing Authorization to Unauthenticated Arbitrary Shortcode Execution

7.3CVSS7.4AI score0.00583EPSS

Exploits0References2

Cvelist•added 2025/02/22 3:20 a.m.•25 views

CVE-2025-1509 Show Me The Cookies <= 1.0 - Unauthenticated Arbitrary Shortcode Execution

7.3CVSS0.00563EPSS

Exploits0References2

CVE•added 2025/02/22 3:20 a.m.•75 views

CVE-2025-1509

The CVE-2025-1509 shows a vulnerability in the Show Me The Cookies WordPress plugin (versions up to 1.0) enabling unauthenticated arbitrary shortcode execution due to improper validation before do_shortcode. This can allow an attacker to run arbitrary shortcodes on affected sites. The Wordfence a...

9.8CVSS7.4AI score0.00563EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/02/22 3:20 a.m.•9 views

CVE-2025-1509 Show Me The Cookies <= 1.0 - Unauthenticated Arbitrary Shortcode Execution

7.3CVSS7.4AI score0.00563EPSS

Exploits0References2

RedhatCVE•added 2025/02/20 3:26 p.m.•4 views

CVE-2024-13689

The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.9.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

6.3CVSS7.3AI score0.00412EPSS

Exploits0References1

Cvelist•added 2025/02/20 9:21 a.m.•15 views

CVE-2024-13792 WooCommerce Food - Restaurant Menu & Food ordering <= 3.3.2 - Unauthenticated Arbitrary Shortcode Execution via ids

7.3CVSS0.00502EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by