CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

Patchstack•added 2025/12/15 1:30 p.m.•4 views

WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin CWW Companion versions = 1.3.2...

8.8CVSS7AI score0.00015EPSS

Exploits0Affected Software1

CVE•added 2025/12/09 2:13 p.m.•9 views

CVE-2025-67473

Technical details for CVE-2025-67473 are not publicly provided in the supplied documents. No vendor, product version, impact, or remediation details are present in the connected sources. Monitor for updates and authoritative disclosures.

4.3CVSS6.5AI score0.00015EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:13 p.m.•1 views

CVE-2025-67473 WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/a through = 1.3.2...

4.3CVSS6.5AI score0.00015EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:13 p.m.•17 views

CVE-2025-67473 WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/a through = 1.3.2...

4.3CVSS0.00015EPSS

Exploits0References1

CNNVD•added 2025/12/09 12:0 a.m.•1 views

WordPress plugin CWW Companion 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.6AI score0.00015EPSS

Exploits0References1

Positive Technologies•added 2025/12/09 12:0 a.m.•2 views

PT-2025-49889

CVE-2025-67473 Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/… https://t.co/oYg89RTUP9...

8.8CVSS6.8AI score0.00015EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-27094

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00082EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2025-12069

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.00852EPSS

Exploits0References2

Cvelist•added 2025/04/24 4:8 p.m.•12 views

CVE-2025-39359 WordPress CWW Portfolio theme <= 1.3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codeworkweb CWW Portfolio cww-portfolio allows PHP Local File Inclusion.This issue affects CWW Portfolio: from n/a through = 1.3.1...

7.5CVSS0.00852EPSS

Exploits0References1

Positive Technologies•added 2025/04/24 12:0 a.m.•2 views

PT-2025-17741 · Unknown · Cww Portfolio

Name of the Vulnerable Software and Affected Versions: CWW Portfolio versions 1.3.1 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...

7.5CVSS7.9AI score0.00852EPSS

Exploits0References4

CNNVD•added 2025/04/24 12:0 a.m.•1 views

WordPress plugin CWW Portfolio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS7.8AI score0.00852EPSS

Exploits0References1

Patchstack•added 2025/04/21 11:5 a.m.•1 views

WordPress CWW Portfolio theme <= 1.3.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Theme CWW Portfolio versions = 1.3.1...

7.5CVSS7AI score0.00852EPSS

Exploits0Affected Software1

CVE•added 2024/03/12 7:32 p.m.•57 views

CVE-2024-2130

CVE-2024-2130 affects the CWW Companion WordPress plugin. It is a Stored XSS via the Module2 widget in versions up to 1.2.7 caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires contributor-level or higher authentication and can inject sc...

6.4CVSS6AI score0.00082EPSS

Exploits0References2Affected Software1

CNNVD•added 2024/03/12 12:0 a.m.•2 views

WordPress Plugin CWW Companion Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS6.8AI score0.00082EPSS

Exploits0References4

Patchstack•added 2024/03/12 12:0 a.m.•8 views

WordPress CWW Companion Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)

Software CWW Companion Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2130 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 885abf006ca4 Credits Francesco Carlucci Require...

6.4CVSS5.7AI score0.00082EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/03/12 12:0 a.m.•3 views

PT-2024-18852 · WordPress · Cww Companion

Name of the Vulnerable Software and Affected Versions: CWW Companion plugin for WordPress versions up to, and including, 1.2.7 Description: The issue is related to Stored Cross-Site Scripting via the Module2 widget due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS7.9AI score0.00082EPSS

Exploits0References4

Openbugbounty•added 2020/01/09 1:44 p.m.•6 views

woodsatsasan.com Improper Access Control vulnerability

Security Researcher geeknik Helped patch 8584 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting woodsatsasan.com website and its users. Following...

0.3AI score

Exploits0

CVE•added 2008/07/10 6:0 p.m.•38 views

CVE-2008-3122

Xerox CentreWare Web (CWW) before 4.6.46 is affected by multiple SQL injection vulnerabilities. Remote authenticated users can potentially execute arbitrary SQL commands via unspecified vectors. The issue is tied to the web-based IP printer management tool; affected component is the CWW applicati...

6.5CVSS8.1AI score0.00311EPSS

Exploits0References4Affected Software1

Cvelist•added 2008/07/10 6:0 p.m.•15 views

CVE-2008-3122

Multiple SQL injection vulnerabilities in Xerox CentreWare Web CWW before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors...

8.1AI score0.00311EPSS

Exploits0References4

CVE•added 2008/07/10 6:0 p.m.•44 views

CVE-2008-3121

Xerox CentreWare Web (CWW) vulnerable to multiple cross-site scripting (XSS) flaws in versions prior to 4.6.46. Remote authenticated users can inject arbitrary script/HTML via unspecified vectors. Impact is partial integrity; no explicit exploitation details are provided. Remediation: upgrade to ...

4.3CVSS5.4AI score0.00285EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by