CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

vulnersOsv•added 2026/05/26 11:38 p.m.•5 views

@fedify/botkit (>=0.4.0-dev.184 <=0.5.0-dev.198), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.5.0-dev.198) +1 more potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.1.0 <=2.1.13)

@fedify/fedify NPM version =2.1.0, =0.4.0-dev.184, =0.4.0-dev.184, =2.1.0, =2.1.13 Source cves: CVE-2026-42462 Source advisory: SNYK:JS-FEDIFYFEDIFY-16895732...

7CVSS5.4AI score0.00171EPSS

Exploits0

vulnersOsv•added 2026/05/26 11:38 p.m.•7 views

@fedify/botkit (>=0.4.0-dev.177 <=0.4.0-dev.181), @fedify/botkit-sqlite (>=0.4.0-dev.177 <=0.4.0-dev.181) potentially affected by CVE-2026-42462 via @fedify/fedify (=1.10.0)

@fedify/fedify NPM version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.4.0-dev.177, =0.4.0-dev.177, =0.4.0-dev.181 Source cves: CVE-2026-42462 Source advisory:...

7CVSS5.4AI score0.00171EPSS

Exploits0

vulnersOsv•added 2026/05/26 11:38 p.m.•5 views

@fedify/botkit (>=0.4.0-dev.177 <=0.4.0-dev.181), @fedify/botkit-sqlite (>=0.4.0-dev.177 <=0.4.0-dev.181) potentially affected by CVE-2026-42462 via @fedify/fedify (=1.10.0)

7CVSS5.4AI score0.00171EPSS

Exploits0

vulnersOsv•added 2026/04/07 6:4 p.m.•5 views

@de-otio/trellis (>=0.4.0 <=0.7.1), @fedify/amqp (>=0.1.0 <=0.2.0-dev.11) +6 more potentially affected by CVE-2026-34148 via @fedify/fedify (>=1.10.0 <=1.10.10)

@fedify/fedify NPM version =1.10.0, =0.4.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.2.0, =0.0.1, =0.1.0, =1.1.20 Source cves: CVE-2026-34148 Source advisory: OSV:GHSA-GM9M-GWC4-HWGP...

7.5CVSS5.4AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•7 views

@de-otio/trellis (>=0.4.0 <=0.7.1), @fedify/amqp (>=0.1.0 <=0.2.0-dev.12) +6 more potentially affected by CVE-2026-34148 via @fedify/fedify (>=1.10.0 <=1.9.2)

@fedify/fedify NPM version =1.10.0, =0.4.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.2.0, =0.0.1, =0.1.0, =1.1.20 Source cves: CVE-2026-34148 Source advisory: SNYK:JS-FEDIFYFEDIFY-15928876...

7.5CVSS5.8AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•9 views

@fedify/botkit (>=0.4.0-dev.184 <=0.4.0-dev.185), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.4.0-dev.185) +5 more potentially affected by CVE-2026-34148 via @fedify/vocab-runtime (=2.1.0)

@fedify/vocab-runtime NPM version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/vocab-runtime and may be impacted: - @fedify/botkit =0.4.0-dev.184, =0.4.0-dev.184, =0.4.0-dev.185 - @fedify/cli =2.1.0 - @fedify/fedify =2.1.0 -...

7.5CVSS5.8AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•7 views

@fedify/botkit (>=0.4.0-dev.184 <=0.4.0-dev.185), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.4.0-dev.185) +1 more potentially affected by CVE-2026-34148 via @fedify/fedify (=2.1.0)

@fedify/fedify NPM version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.4.0-dev.184, =0.4.0-dev.184, =0.4.0-dev.185 - @fedify/cli =2.1.0 Source cves: CVE-2026-34148 Source advisory:...

7.5CVSS5.8AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•6 views

@fedify/botkit (>=0.4.0-dev.182 <=0.4.0-dev.183), @fedify/botkit-sqlite (>=0.4.0-dev.182 <=0.4.0-dev.183) +1 more potentially affected by CVE-2026-34148 via @fedify/fedify (>=2.0.0 <=2.0.7)

@fedify/fedify NPM version =2.0.0, =0.4.0-dev.182, =0.4.0-dev.182, =2.0.0, =2.0.18 Source cves: CVE-2026-34148 Source advisory: SNYK:JS-FEDIFYFEDIFY-15928876...

7.5CVSS5.4AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•5 views

@fedify/botkit (>=0.4.0-dev.184 <=0.4.0-dev.185), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.4.0-dev.185) +1 more potentially affected by CVE-2026-34148 via @fedify/fedify (=2.1.0)

7.5CVSS5.8AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•11 views

@fedify/botkit (>=0.4.0-dev.184 <=0.4.0-dev.185), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.4.0-dev.185) +5 more potentially affected by CVE-2026-34148 via @fedify/vocab-runtime (=2.1.0)

7.5CVSS5.8AI score0.00551EPSS

Exploits1

vulnersOsv•added 2026/04/07 6:4 p.m.•8 views

@fedify/botkit (>=0.4.0-dev.182 <=0.4.0-dev.183), @fedify/botkit-sqlite (>=0.4.0-dev.182 <=0.4.0-dev.183) +5 more potentially affected by CVE-2026-34148 via @fedify/vocab-runtime (>=2.0.0-dev.100 <=2.0.7)

@fedify/vocab-runtime NPM version =2.0.0-dev.100, =0.4.0-dev.182, =0.4.0-dev.182, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.18 Source cves: CVE-2026-34148 Source advisory: SNYK:JS-FEDIFYVOCABRUNTIME-15928877...

7.5CVSS5.4AI score0.00551EPSS

Exploits1

RedhatCVE•added 2026/01/09 9:16 a.m.•4 views

CVE-2025-13887

The AI BotKit – AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in the aibotkitwidget shortcode in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5AI score0.00188EPSS

Exploits0References1

NVD•added 2026/01/07 12:16 p.m.•3 views

CVE-2025-13887

6.4CVSS0.00188EPSS

Exploits0References4

Vulnrichment•added 2026/01/07 9:20 a.m.•2 views

CVE-2025-13887 AI BotKit <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS4.7AI score0.00188EPSS

Exploits0References3

Cvelist•added 2026/01/07 9:20 a.m.•23 views

CVE-2025-13887 AI BotKit <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS0.00188EPSS

Exploits0References4

CVE•added 2026/01/07 9:20 a.m.•16 views

CVE-2025-13887

CVE-2025-13887 affects the WordPress plugin AI BotKit – AI Chatbot for WordPress. It is a Stored Cross-Site Scripting vulnerability via the query parameter 'id' in the ai_botkit_widget shortcode, exploitable by authenticated users with Contributor-level access and above. Affected versions: all un...

6.4CVSS4.7AI score0.00188EPSS

Exploits0References4

CNNVD•added 2026/01/07 12:0 a.m.•2 views

WordPress plugin AI BotKit – AI Chatbot & Live Support for WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00188EPSS

Exploits0References3

Patchstack•added 2026/01/06 11:1 p.m.•4 views

WordPress AI BotKit plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by theviper17y in WordPress Plugin AI BotKit versions = 1.1.7...

6.4CVSS5.8AI score0.00188EPSS

Exploits0References1Affected Software1

vulnersOsv•added 2025/12/22 9:36 p.m.•6 views

@fedify/botkit (>=0.3.0-dev.125 <=0.3.0-dev.131) potentially affected by CVE-2025-68475 via @fedify/fedify (=1.8.1-dev.1262)

@fedify/fedify NPM version =1.8.1-dev.1262 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.3.0-dev.125, =0.3.0-dev.131 Source cves: CVE-2025-68475 Source advisory: OSV:GHSA-RCHF-XWX2-HM93...

7.5CVSS5.8AI score0.00481EPSS

Exploits1

vulnersOsv•added 2025/12/22 9:36 p.m.•10 views

@fedify/botkit (>=0.3.0-dev.125 <=0.3.0-dev.131) potentially affected by CVE-2025-68475 via @fedify/fedify (=1.8.1-dev.1262)

7.5CVSS5.8AI score0.00481EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by