84 matches found
WordPress Favicon Generator plugin < 2.1 - Arbitrary File Deletion via CSRF vulnerability
Arbitrary File Deletion via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Favicon Generator versions < 2.1...
WordPress Custom Author Base plugin <= 1.1.1 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Custom Author Base versions <= 1.1.1...
WordPress Accordion Image Menu plugin <= 3.1.3 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Accordion Image Menu versions <= 3.1.3...
WordPress MM-Breaking News plugin <= 0.7.9 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin MM-Breaking News versions <= 0.7.9...
WordPress Visual Sound plugin <= 1.03 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Visual Sound versions <= 1.03...
WordPress Quick Code plugin <= 1.0 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Quick Code versions <= 1.0...
WordPress Enhanced Search Box plugin <= 0.6.1 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Enhanced Search Box versions <= 0.6.1...
WordPress Review Ratings plugin <= 1.6 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Review Ratings versions <= 1.6...
WordPress Visual Sound (old) plugin <= 1.06 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Visual Sound (old) versions <= 1.06...
WordPress infolinks Ad Wrap plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Daniel Ruf in WordPress Plugin infolinks Ad Wrap versions <= 1.0.2...
WordPress Special Feed Items Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Special Feed Items; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-8051; Patch priority: Low; CVSS severity: Low 7.1; PSID: 998826800645; Credits: Daniel Ruf; Required...
WordPress Favicon Generator plugin < 2.1 - Arbitrary File Upload via CSRF vulnerability
Arbitrary File Upload via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Favicon Generator versions < 2.1...
WordPress Simple Headline Rotator plugin <= 1.0 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Simple Headline Rotator versions <= 1.0...
WordPress Misiek Paypal plugin <= 1.1.20090324 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Misiek Paypal versions <= 1.1.20090324...
WordPress ILC Thickbox plugin <= 1.0 - Settings update via CSRF vulnerability
Settings update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin ILC Thickbox versions <= 1.0...
WordPress Misiek Photo Album plugin <= 1.4.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Daniel Ruf in WordPress Plugin Misiek Photo Album versions <= 1.4.3...
WordPress Blog Introduction plugin <= 0.3.0 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Blog Introduction versions <= 0.3.0...
WordPress Gixaw Chat plugin <= 1.0 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Gixaw Chat versions <= 1.0...
WordPress Blog Introduction Plugin <= 0.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Blog Introduction; Type: Plugin; Vulnerable versions: <= 0.3.0; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-7862; Patch priority: Low; CVSS severity: Low 4.3; PSID: b5cd399b1013; Credits: Daniel Ruf; Required...
WordPress Gixaw Chat Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Gixaw Chat; Type: Plugin; Vulnerable versions: <= 1.0; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-7816; Patch priority: Low; CVSS severity: Low 7.1; PSID: aa72a581011b; Credits: Daniel Ruf; Required privilege...