CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-26137

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:0 a.m.•3 views

CVE-2024-29098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7...

6.5CVSS8.6AI score0.00084EPSS

Exploits0References1

WPVulnDB•added 2024/03/20 12:0 a.m.•13 views

WP Calameo < 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The WP Calameo plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS5.8AI score0.00084EPSS

Exploits0References1Affected Software1

NVD•added 2024/03/19 4:15 p.m.•4 views

CVE-2024-29098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7...

6.5CVSS6.4AI score0.00084EPSS

Exploits0References1

Vulnrichment•added 2024/03/19 3:57 p.m.•9 views

CVE-2024-29098 WordPress WP Calameo plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7...

6.5CVSS6.7AI score0.00084EPSS

Exploits0References1

Cvelist•added 2024/03/19 3:57 p.m.•13 views

CVE-2024-29098 WordPress WP Calameo plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7...

6.5CVSS6.6AI score0.00084EPSS

Exploits0References1

CVE•added 2024/03/19 3:57 p.m.•49 views

CVE-2024-29098

CVE-2024-29098: Stored XSS in WP Calameo (Calameo WP Calameo plugin) due to improper input handling during web page generation. Affected: WP Calameo

6.5CVSS8.6AI score0.00084EPSS

Exploits0References1

CNNVD•added 2024/03/19 12:0 a.m.•0 views

WordPress Plugin WP Calameo Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WP Calameo is vulnerable t...

6.5CVSS5.9AI score0.00084EPSS

Exploits0References2

Patchstack•added 2024/03/15 12:0 a.m.•7 views

WordPress WP Calameo Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software WP Calameo Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29098 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6c0b84991b1 Credits Ray Wilson Required privilege Contributor...

6.5CVSS6.6AI score0.00084EPSS

Exploits0References2Affected Software1

WPVulnDB•added 2014/08/01 10:59 a.m.•12 views

Manage Calameo Publications 1.1.0 - thickbox_content.php attachment_id Parameter Reflected XSS

The Manage Calameo Publications by Athlon WordPress plugin was affected by a thickboxcontent.php attachmentid Parameter Reflected XSS security vulnerability...

2.4AI score

Exploits0Affected Software1

Patchstack•added 2014/08/01 12:0 a.m.•5 views

WordPress Manage Calameo Publications Plugin <= 1.1.0 - Reflected XSS

This plugin is prone to a cross site scripting vulnerability in thickboxcontent.php attachmentid parameter. Solution Update the plugin...

2AI score

Exploits0References1Affected Software1

Patchstack•added 2014/08/01 12:0 a.m.•9 views

WordPress Manage Calameo Publications Plugin <= 1.1.0 - Reflected XSS

This plugin is prone to a cross site scripting vulnerability in thickboxcontent.php attachmentid parameter. Solution Update the plugin...

2AI score

Exploits0References1Affected Software1