CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

CNNVD•added 2026/04/08 12:0 a.m.•3 views

WordPress plugin Grand Blog 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.7AI score0.00017EPSS

Exploits0References1

CNNVD•added 2026/02/18 12:0 a.m.•5 views

WordPress plugin Context Blog 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Context Blog. The...

5.3CVSS5.7AI score0.00021EPSS

Exploits0References5

CVE•added 2026/02/11 8:26 a.m.•8 views

CVE-2026-1786

CVE-2026-1786 : The Twitter posts to Blog plugin for WordPress is vulnerable due to a missing capability check on the internal dg_tw_options function, affecting all versions up to and including 1.11.25. This allows unauthenticated attackers to modify plugin settings (including Twitter API credent...

6.5CVSS5.5AI score0.00042EPSS

Exploits0References2

Vulnrichment•added 2026/02/11 8:26 a.m.•1 views

CVE-2026-1786 Twitter posts to Blog <= 1.11.25 - Missing Authorization to Unauthenticated Plugin Settings Update

The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dgtwoptions' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including...

6.5CVSS5.5AI score0.00042EPSS

Exploits0References2

CNNVD•added 2026/02/11 12:0 a.m.•3 views

WordPress plugin Twitter posts to Blog 安全漏洞

6.5CVSS5.8AI score0.00042EPSS

Exploits0References3

CNNVD•added 2026/01/13 12:0 a.m.•2 views

WordPress plugin Dreamer Blog 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.8CVSS5.9AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:10 a.m.•4 views

CVE-2019-11565

Server Side Request Forgery SSRF exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter...

9.8CVSS7AI score0.02388EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-11548

Malware in sbrugna...

8.1CVSS8AI score0.0012EPSS

Exploits2References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4699

Malware in sbrugna...

2.6CVSS6.4AI score0.00483EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3236

Malware in sbrugna...

9.8CVSS9.4AI score0.02388EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-2319

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00118EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-29211

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00346EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 12:26 a.m.•3 views

CVE-2022-4824

The WP Blog and Widgets WordPress plugin before 2.3.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.9AI score0.00252EPSS

Exploits2References1

CNNVD•added 2025/04/01 12:0 a.m.•1 views

WordPress plugin PhotoShelter for Photographers Blog Feed Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.7AI score0.00532EPSS

Exploits0References2

CNNVD•added 2025/01/02 12:0 a.m.•1 views

WordPress plugin Patricia Blog 跨站请求伪造漏洞

4.3CVSS6.6AI score0.00248EPSS

Exploits0References1

Cvelist•added 2024/11/16 4:29 a.m.•24 views

CVE-2024-10728 PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'installrequiredplugincallback' function in all versions up to, and including, 4.1.16. This makes it possible...

8.8CVSS0.76069EPSS

Exploits1References5

OSV•added 2024/06/17 6:15 a.m.•0 views

CVE-2024-4305

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...

6.8CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2024/06/17 6:0 a.m.•13 views

CVE-2024-4305 PostX < 4.1.0 - Contributor+ Stored XSS

6.1AI score0.00375EPSS

Exploits2References1

CVE•added 2024/06/17 6:0 a.m.•53 views

CVE-2024-4305

CVE-2024-4305 affects the WordPress plugin combination “Post Grid Gutenberg Blocks and WordPress Blog Plugin.” The description in the sources specifies that versions before 4.1.0 do not validate and escape certain block options before they are output in a page/post where the block is embedded, wh...

6.8CVSS6.2AI score0.00375EPSS

Exploits2References1Affected Software1