CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Positive Technologies•added 2026/03/21 12:0 a.m.•2 views

PT-2026-26861

The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'amount' and 'name' shortcode attributes in all versions up to, and including, 0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The swer...

6.4CVSS6AI score0.00054EPSS

Exploits0References8

RedhatCVE•added 2026/01/09 9:26 a.m.•2 views

CVE-2023-4945

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.00096EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-33747

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00284EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-33982

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00171EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 9:29 a.m.•4 views

CVE-2024-12201

The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check when creating form styles in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Contributor-level access and above, ...

4.3CVSS6.5AI score0.00205EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by