CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

226 matches found

RedhatCVE•added 2026/04/23 8:28 p.m.•1 views

CVE-2025-53444

Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a through 5.1.11...

4.3CVSS5.8AI score0.00017EPSS

Exploits0References1

NVD•added 2026/04/15 4:16 p.m.•3 views

CVE-2025-53444

Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a through 5.1.11...

4.3CVSS0.00017EPSS

Exploits0References1

Positive Technologies•added 2026/04/15 12:0 a.m.•5 views

PT-2026-33076

Name of the Vulnerable Software and Affected Versions Userpro versions prior to 5.1.11 Description A Cross-Site Request Forgery CSRF flaw in DeluxeThemes Userpro allows an attacker to induce a user to perform actions they did not intend to. CSRF is a technique where a malicious site tricks a user...

4.3CVSS5.1AI score0.00017EPSS

Exploits0References5

OSV•added 2026/02/02 5:19 a.m.•1 views

MAL-2026-632 Malicious code in cowsay-deluxe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23689b5603efd5f0d639b4d6767c885941794f801324da60cbbe76afa159c139 The package cowsay-deluxe was found to contain malicious code...

5.8AI score

Exploits0

OSSF Malicious Packages•added 2026/02/02 5:19 a.m.•5 views

Malicious code in cowsay-deluxe (npm)

5.8AI score

Exploits0

OSV•added 2026/01/16 11:59 a.m.•1 views

OESA-2026-1115 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7.3AI score0.001EPSS

Exploits1References5

RedhatCVE•added 2026/01/09 9:36 a.m.•1 views

CVE-2024-34532

A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module aka querydeluxe 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::getresultfromquery...

9.8CVSS9.8AI score0.00358EPSS

Exploits0References1

NVD•added 2025/12/24 1:16 p.m.•2 views

CVE-2025-68608

Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Userpro: from n/a through = 5.1.9...

7.5CVSS0.00038EPSS

Exploits0References1