CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-39496

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00137EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-57394

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00114EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 2:39 a.m.•0 views

CVE-2023-5051

The CallRail Phone Call Tracking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'callrailform' shortcode in versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on the 'formid' user supplied attribute. This makes it possible fo...

6.4CVSS6.1AI score0.00114EPSS

Exploits0References1

WPVulnDB•added 2023/11/23 12:0 a.m.•10 views

CallRail Phone Call Tracking < 0.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The CallRail Phone Call Tracking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'callrailform' shortcode in versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on the 'formid' user supplied attribute. This makes it...

6.4CVSS5.9AI score0.00114EPSS

Exploits0References1Affected Software1

OSV•added 2023/10/27 4:15 a.m.•0 views

CVE-2023-5051

5.4CVSS7AI score

Exploits0References3

NVD•added 2023/10/27 4:15 a.m.•11 views

CVE-2023-5051

6.4CVSS5.7AI score0.00114EPSS

Exploits0References3

Prion•added 2023/10/27 4:15 a.m.•7 views

Cross site scripting

4.9CVSS5.2AI score0.00114EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/10/27 3:16 a.m.•4 views

CVE-2023-5051 CallRail Phone Call Tracking <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS6.8AI score0.00114EPSS

Exploits0References3

Cvelist•added 2023/10/27 3:16 a.m.•12 views

CVE-2023-5051 CallRail Phone Call Tracking <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS5.8AI score0.00114EPSS

Exploits0References3

CVE•added 2023/10/27 3:16 a.m.•80 views

CVE-2023-5051

CVE-2023-5051 affects CallRail Phone Call Tracking for WordPress. It is a Stored XSS via the callrail_form shortcode in versions ≤ 0.5.2 due to insufficient input sanitization and output escaping on the form_id attribute. Authenticated attackers with contributor+ permissions can inject scripts ex...

6.4CVSS5.2AI score0.00114EPSS

Exploits0References3Affected Software1

CNNVD•added 2023/10/27 12:0 a.m.•0 views

WordPress plugin CallRail Phone Call Tracking Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6AI score0.00114EPSS

Exploits0References4

Positive Technologies•added 2023/10/27 12:0 a.m.•2 views

PT-2023-31581 · Callrail · Callrail Phone Call Tracking Plugin

Name of the Vulnerable Software and Affected Versions: CallRail Phone Call Tracking plugin for WordPress versions up to, and including, 0.5.2 Description: The issue arises from insufficient input sanitization and output escaping on the form id user-supplied attribute in the 'callrail form'...

6.4CVSS6.1AI score0.00114EPSS

Exploits0References5

Patchstack•added 2023/10/24 12:0 a.m.•10 views

WordPress CallRail Phone Call Tracking Plugin <= 0.5.2 is vulnerable to Cross Site Scripting (XSS)

Software CallRail Phone Call Tracking Type Plugin Vulnerable versions = 0.5.2 Fixed in 0.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5051 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24b6ce22a9c3 Credits István Márt...

6.4CVSS5.7AI score0.00114EPSS

Exploits0References3Affected Software1

NVD•added 2022/09/01 5:15 p.m.•8 views

CVE-2022-36796

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in CallRail, Inc. CallRail Phone Call Tracking plugin = 0.4.9 at WordPress...

6.1CVSS0.00137EPSS

Exploits0References2

OSV•added 2022/09/01 5:15 p.m.•0 views

CVE-2022-36796

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in CallRail, Inc. CallRail Phone Call Tracking plugin = 0.4.9 at WordPress...

6.1CVSS5.8AI score0.00137EPSS

Exploits0References2

Prion•added 2022/09/01 5:15 p.m.•12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in CallRail, Inc. CallRail Phone Call Tracking plugin = 0.4.9 at WordPress...

5.8CVSS6.1AI score0.00137EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/09/01 4:49 p.m.•11 views

CVE-2022-36796 WordPress CallRail Phone Call Tracking plugin <= 0.4.9 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in CallRail, Inc. CallRail Phone Call Tracking plugin = 0.4.9 at WordPress...

6.1CVSS6.3AI score0.00137EPSS

Exploits0References2

CVE•added 2022/09/01 4:49 p.m.•53 views

CVE-2022-36796

CVE-2022-36796 affects the CallRail Phone Call Tracking plugin for WordPress, version

6.1CVSS6.1AI score0.00137EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/09/01 4:49 p.m.•6 views

CVE-2022-36796 WordPress CallRail Phone Call Tracking plugin <= 0.4.9 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in CallRail, Inc. CallRail Phone Call Tracking plugin = 0.4.9 at WordPress...

6.1CVSS6.1AI score0.00137EPSS

Exploits0References2

Positive Technologies•added 2022/09/01 12:0 a.m.•2 views

PT-2022-23631 · Callrail · Callrail Phone Call Tracking Plugin

Name of the Vulnerable Software and Affected Versions: CallRail Phone Call Tracking plugin versions = 0.4.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that leads to Stored Cross-Site Scripting XSS. This means an attacker can trick a user into performing unintended...

6.1CVSS6.1AI score0.00137EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by