CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

445 matches found

RedhatCVE•added 2026/01/09 9:25 a.m.•6 views

CVE-2023-4779

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's uspgallery shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible...

6.4CVSS5.8AI score0.00325EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:18 a.m.•9 views

CVE-2025-1690

The ThemeMakers Stripe Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stripe' shortcode in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:14 a.m.•7 views

CVE-2024-2474

The Standout Color Boxes and Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'color-button' shortcode in all versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

6.4CVSS5.8AI score0.004EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:14 a.m.•10 views

CVE-2024-2121

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

5.4CVSS5.8AI score0.0034EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-44103

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00314EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-57931

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00478EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-57958

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00508EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-54780

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00418EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-58030

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00603EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-57655

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00445EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-59186

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0044EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2023-58100

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00524EPSS

Exploits4References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-16015

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00316EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2024-33087

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00512EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•8 views

EUVD-2023-57879

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.01019EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-59048

Malicious code in bioql PyPI...

5CVSS6.6AI score0.00401EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-44099

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00322EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 10:45 a.m.•8 views

CVE-2024-9521

The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level a...

6.4CVSS5.8AI score0.00276EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:11 a.m.•17 views

CVE-2024-2311

The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5.8AI score0.00688EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:10 a.m.•8 views

CVE-2024-0873

The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.8AI score0.0048EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by