CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/03/27 10:54 a.m.•8 views

CVE-2025-30770 WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Charitable charitable allows DOM-Based XSS.This issue affects Charitable: from n/a through = 1.8.4.7...

6.5CVSS7.2AI score0.00322EPSS

Cvelist•added 2025/03/27 10:54 a.m.•15 views

CVE-2025-30770 WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00322EPSS

CNNVD•added 2025/03/27 12:0 a.m.•1 views

WordPress plugin Charitable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8.1AI score0.00322EPSS

Exploits0References2

Patchstack•added 2025/03/26 11:41 p.m.•3 views

WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Charitable versions = 1.8.4.7...

6.5CVSS6.2AI score0.00322EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/02/06 12:6 a.m.•9 views

CVE-2022-47441

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin = 1.7.0.10 versions...

7.1CVSS5.8AI score0.00382EPSS

NVD•added 2025/02/03 10:15 p.m.•32 views

CVE-2025-24901

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, deletarpermissao.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information...

9.4CVSS0.00515EPSS

Exploits1References1

NVD•added 2025/02/03 10:15 p.m.•35 views

CVE-2025-24902

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, salvarcargo.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. Thi...

9.4CVSS0.00539EPSS

Cvelist•added 2025/01/20 3:47 p.m.•39 views

CVE-2025-23219 WeGIA has a SQL Injection endpoint 'adicionar_cor.php' parameter 'cor'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionarcor.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in t...

10CVSS0.00579EPSS

NVD•added 2025/01/14 1:15 a.m.•18 views

CVE-2025-23034

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the tags.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msge...

6.4CVSS0.00295EPSS

OSV•added 2025/01/13 11:35 p.m.•11 views

CVE-2025-23038 Cross-Site Scripting (XSS) Stored endpoint 'remuneracao.php ' parameter 'descricao' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the remuneracao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into th...

6.4CVSS5.3AI score0.00273EPSS

OSV•added 2025/01/13 11:32 p.m.•10 views

CVE-2025-23032 Cross-Site Scripting (XSS) Stored endpoint 'adicionar_escala.php' parameter 'escala' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarescala.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts int...

6.4CVSS5.3AI score0.00273EPSS

OSV•added 2025/01/13 11:31 p.m.•9 views

CVE-2025-23034 Cross-Site Scripting (XSS) Reflected endpoint 'tags.php' parameter 'msg_e' in WeGIA

6.4CVSS6AI score0.00295EPSS

OSV•added 2025/01/13 11:29 p.m.•12 views

CVE-2025-23037 Cross-Site Scripting (XSS) Stored endpoint 'control.php' parameter 'cargo' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the control.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the...

6.4CVSS5.3AI score0.00311EPSS

NVD•added 2025/01/13 9:15 p.m.•10 views

CVE-2025-22618

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarcargo.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...

6.4CVSS0.00319EPSS

NVD•added 2025/01/08 7:15 p.m.•15 views

CVE-2025-22141

WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificarrecursoscargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity...

9.4CVSS0.0065EPSS

OSV•added 2025/01/08 6:27 p.m.•12 views

CVE-2025-22141 WeGIA SQL Injection (Blind Time-Based) endpoint 'verificar_recursos_cargo.php' parameter 'cargo'

9.4CVSS8.2AI score0.0065EPSS