CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result, user with a role as low as author could...

5.4CVSS6.2AI score0.01771EPSS

Exploits3References1

RedhatCVE•added 2025/04/03 3:41 p.m.•7 views

CVE-2025-31731

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Philip John Author Bio Shortcode author-bio-shortcode allows Stored XSS.This issue affects Author Bio Shortcode: from n/a through = 2.5.3...

6.5CVSS7.2AI score0.00308EPSS

Exploits0References1

Patchstack•added 2025/04/01 3:45 p.m.•5 views

WordPress Author Bio Shortcode Plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Author Bio Shortcode versions = 2.5.3...

6.5CVSS7AI score0.00308EPSS

Exploits0Affected Software1

NVD•added 2025/04/01 3:16 p.m.•8 views

CVE-2025-31731

6.5CVSS0.00308EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 2:51 p.m.•9 views

CVE-2025-31731 WordPress Author Bio Shortcode Plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Philip John Author Bio Shortcode allows Stored XSS. This issue affects Author Bio Shortcode: from n/a through 2.5.3...

6.5CVSS6.9AI score0.00308EPSS

Exploits0References1

Cvelist•added 2025/04/01 2:51 p.m.•17 views

CVE-2025-31731 WordPress Author Bio Shortcode Plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00308EPSS

Exploits0References1

CVE•added 2025/04/01 2:51 p.m.•54 views

CVE-2025-31731

CVE-2025-31731 is a Stored XSS vulnerability in the WordPress plugin Author Bio Shortcode (vulnerable up to 2.5.3). The issue stems from improper neutralization of input during web page generation, enabling stored cross-site scripting. Exploitation would require authentication (Contributor+ level...

6.5CVSS7.2AI score0.00308EPSS

Exploits0References1

CNNVD•added 2025/04/01 12:0 a.m.•2 views

WordPress plugin Author Bio Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

6.5CVSS6.5AI score0.00308EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 9:41 a.m.•13 views

CVE-2024-30545

Cross-Site Request Forgery CSRF vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4...

7.1CVSS8.6AI score0.00195EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 5:49 a.m.•8 views

CVE-2024-49229

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arifnezami Better Author Bio better-author-bio allows Reflected XSS.This issue affects Better Author Bio: from n/a through = 2.7.10.11...

7.1CVSS5.9AI score0.00264EPSS

Exploits0References1

OSV•added 2024/10/17 6:15 p.m.•1 views

CVE-2024-49229

Cross-Site Request Forgery CSRF vulnerability in Arif Nezami Better Author Bio allows Cross-Site Scripting XSS.This issue affects Better Author Bio: from n/a through 2.7.10.11...

6.1CVSS5.8AI score0.00264EPSS

Exploits0References1

NVD•added 2024/10/17 6:15 p.m.•17 views

CVE-2024-49229

7.1CVSS0.00264EPSS

Exploits0References1

Vulnrichment•added 2024/10/17 5:51 p.m.•10 views

CVE-2024-49229 WordPress Better Author Bio plugin <= 2.7.10.11 - CSRF to Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Arif Nezami Better Author Bio allows Cross-Site Scripting XSS.This issue affects Better Author Bio: from n/a through 2.7.10.11...

7.1CVSS6.7AI score0.00264EPSS

Exploits0References1

CVE•added 2024/10/17 5:51 p.m.•46 views

CVE-2024-49229

CVE-2024-49229 : WordPress plugin Better Author Bio (

7.1CVSS5.9AI score0.00264EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/10/17 5:51 p.m.•26 views

CVE-2024-49229 WordPress Better Author Bio plugin <= 2.7.10.11 - CSRF to Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00264EPSS

Exploits0References1

Positive Technologies•added 2024/10/17 12:0 a.m.•2 views

PT-2024-33365 · Unknown · Better Author Bio

Name of the Vulnerable Software and Affected Versions: Better Author Bio versions 2.7.10.11 and earlier Description: A Cross-Site Request Forgery CSRF issue in Better Author Bio allows for Cross-Site Scripting XSS. This means an attacker could potentially trick a user into performing unintended...

7.1CVSS6.9AI score0.00264EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by