CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media...

6.1CVSS7AI score0.0054EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 5:58 a.m.•1 views

CVE-2023-31071

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.14 versions...

7.1CVSS5.8AI score0.00104EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:15 a.m.•1 views

CVE-2023-24001

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.9 versions...

5.9CVSS5.2AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:22 p.m.•3 views

CVE-2021-24600

The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise and escape some of its settings before outputting them in pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00225EPSS

Exploits2References1

OSV•added 2023/08/17 9:15 a.m.•0 views

CVE-2023-31071

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.14 versions...

6.1CVSS7.3AI score0.00104EPSS

Exploits0References1

CVE•added 2023/08/17 8:41 a.m.•30 views

CVE-2023-31071

CVE-2023-31071 is an unauthenticated reflected XSS in the WordPress Modal Dialog plugin, affecting versions

7.1CVSS6AI score0.00104EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/08/17 12:0 a.m.•1 views

WordPress plugin Modal Dialog 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00104EPSS

Exploits0References2

NVD•added 2023/04/06 8:15 a.m.•10 views

CVE-2023-24001

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.9 versions...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

OSV•added 2023/04/06 8:15 a.m.•2 views

CVE-2023-24001

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.9 versions...

4.8CVSS5.8AI score0.00207EPSS

Exploits0References1

Cvelist•added 2023/04/06 7:50 a.m.•14 views

CVE-2023-24001 WordPress Modal Dialog Plugin <= 3.5.9 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yannick Lefebvre Modal Dialog plugin = 3.5.9 versions...

5.9CVSS5.5AI score0.00207EPSS

Exploits0References1

CVE•added 2023/04/06 7:50 a.m.•37 views

CVE-2023-24001

The CVE-2023-24001 entry concerns the WordPress Modal Dialog Plugin (versions

5.9CVSS4.9AI score0.00207EPSS

Exploits0References1Affected Software1

OSV•added 2022/05/24 5:34 p.m.•18 views

GHSA-4M44-5J2G-XF64 Improper Neutralization of Input During Web Page Generation in CKEditor4

A cross-site scripting XSS vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs...

6.1CVSS6.2AI score0.01007EPSS

Exploits0References8

RubySec•added 2022/05/24 12:0 a.m.•4 views

Improper Neutralization of Input During Web Page Generation in CKEditor4

6.1CVSS6AI score0.01007EPSS

Exploits0References1Affected Software1

OSV•added 2022/03/16 5:15 p.m.•1 views

DEBIAN-CVE-2022-24729

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a brows...

7.5CVSS6.7AI score0.01115EPSS

Exploits0References1

OSV•added 2022/03/16 5:15 p.m.•0 views

UBUNTU-CVE-2022-24729

7.5CVSS6.7AI score0.01115EPSS

Exploits0References3