CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Chop Chop Pop-Up Chop Chop pop-up allows PHP Local File Inclusion.This issue affects Pop-Up Chop Chop: from n/a through = 2.1.7...

7.5CVSS7.2AI score0.01091EPSS

Exploits0References1

Patchstack•added 2025/03/28 12:54 p.m.•2 views

WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Pop-Up Chop Chop versions = 2.1.7...

7.5CVSS6.9AI score0.01091EPSS

Exploits0Affected Software1

NVD•added 2025/03/28 12:15 p.m.•6 views

CVE-2025-31432

7.5CVSS0.01091EPSS

Exploits0References1

Cvelist•added 2025/03/28 11:54 a.m.•15 views

CVE-2025-31432 WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Local File Inclusion Vulnerability

7.5CVSS0.01091EPSS

Exploits0References1

Vulnrichment•added 2025/03/28 11:54 a.m.•14 views

CVE-2025-31432 WordPress Pop-Up Chop Chop <= 2.1.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Chop Chop Pop-Up Chop Chop allows PHP Local File Inclusion. This issue affects Pop-Up Chop Chop: from n/a through 2.1.7...

7.5CVSS7.4AI score0.01091EPSS

Exploits0References1

CVE•added 2025/03/28 11:54 a.m.•47 views

CVE-2025-31432

CVE-2025-31432 pertains to the WordPress plugin Pop-Up Chop Chop . The connected vulnerability details identify an authenticated, local file inclusion (LFI) flaw caused by improper control of the filename used in PHP include/require, enabling LFI on the plugin. Affected versions are up to 2.1.7, ...

7.5CVSS7.2AI score0.01091EPSS

Exploits0References1

CNNVD•added 2025/03/28 12:0 a.m.•2 views

WordPress plugin Pop-Up Chop Chop 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.5AI score0.01091EPSS

Exploits0References2

OSV•added 2023/09/01 12:15 p.m.•0 views

CVE-2023-37893

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Chop-Chop Coming Soon Chop Chop plugin = 2.2.4 versions...

6.1CVSS7.3AI score

Exploits0References1

NVD•added 2023/09/01 12:15 p.m.•8 views

CVE-2023-37893

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Chop-Chop Coming Soon Chop Chop plugin = 2.2.4 versions...

7.1CVSS6.2AI score0.00104EPSS

Exploits0References1

Prion•added 2023/09/01 12:15 p.m.•10 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Chop-Chop Coming Soon Chop Chop plugin = 2.2.4 versions...

5.8CVSS6AI score0.00104EPSS

Exploits0References1Affected Software1

CVE•added 2023/09/01 11:4 a.m.•39 views

CVE-2023-37893

CVE-2023-37893 is an unauthenticated reflected XSS in the Coming Soon Chop Chop WordPress plugin (cc-coming-soon) version ≤ 2.2.4. Root cause details are not provided in the initial document, but Patchstack notes indicate no fixed version yet (Fixed in: N/A). Public sources also confirm the vulne...

7.1CVSS6AI score0.00104EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/01 11:4 a.m.•11 views

CVE-2023-37893 WordPress Coming Soon Chop Chop Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Chop-Chop Coming Soon Chop Chop plugin = 2.2.4 versions...

7.1CVSS5.9AI score0.00104EPSS

Exploits0References1

CNNVD•added 2023/09/01 12:0 a.m.•2 views

WordPress plugin Coming Soon Chop Chop Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS6AI score0.00104EPSS

Exploits0References2

Positive Technologies•added 2023/09/01 12:0 a.m.•2 views

PT-2023-26164 · Unknown · Chop-Chop Coming Soon Chop Chop

Name of the Vulnerable Software and Affected Versions: Chop-Chop Coming Soon Chop Chop plugin versions 2.2.4 and earlier Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially...

7.1CVSS6.3AI score0.00104EPSS

Exploits0References5

Patchstack•added 2023/07/12 12:0 a.m.•9 views

WordPress Coming Soon Chop Chop Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Coming Soon Chop Chop Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37893 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a25fdf76e34 Credits Phd Required...

7.1CVSS5.6AI score0.00104EPSS

Exploits0References1Affected Software1

NVD•added 2022/10/21 4:15 p.m.•11 views

CVE-2022-41638

Auth. Stored Cross-Site Scripting XSS in Pop-Up Chop Chop plugin = 2.1.7 on WordPress...

5.4CVSS0.00209EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by