CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Binary MLM Woocommerce plugin <= 2.0 - Reflected Cross-Site Scripting via 'page' vulnerability

Reflected Cross-Site Scripting via 'page' vulnerability discovered by vgo0 in WordPress Plugin Binary MLM Woocommerce versions = 2.0...

6.1CVSS5.4AI score0.0261EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 9:27 a.m.•3 views

CVE-2024-12384

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page’ parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS6.4AI score0.0261EPSS

Exploits0References1

NVD•added 2025/01/07 6:15 a.m.•5 views

CVE-2024-12384

6.1CVSS0.0261EPSS

Exploits0References5

Cvelist•added 2025/01/07 5:24 a.m.•11 views

CVE-2024-12384 Binary MLM Woocommerce <= 2.0 - Reflected Cross-Site Scripting via 'page'

6.1CVSS0.0261EPSS

Exploits0References5

CVE•added 2025/01/07 5:24 a.m.•44 views

CVE-2024-12384

CVE-2024-12384 affects Binary MLM Woocommerce (WordPress) with Reflected XSS via the 'page' parameter in all versions up to 2.0. Root cause: insufficient input sanitization and output escaping. Impact: unauthenticated attackers can inject scripts into pages executed after a user clicks a crafted ...

6.1CVSS6AI score0.0261EPSS

Exploits0References5

Cvelist•added 2025/01/07 5:23 a.m.•13 views

CVE-2024-12383 Binary MLM Woocommerce <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing or incorrect nonce validation on the 'bmwdisplaypvsetpage' function and insufficient input sanitization and output escaping of the...

6.1CVSS0.00566EPSS

Exploits0References5

CNNVD•added 2025/01/07 12:0 a.m.•2 views

WordPress plugin Binary MLM Woocommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS7.8AI score0.0261EPSS

Exploits0References4

Patchstack•added 2025/01/06 6:50 p.m.•2 views

WordPress Binary MLM Woocommerce plugin <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Binary MLM Woocommerce versions = 2.0...

6.1CVSS5.9AI score0.00566EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by