Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.2 views

CVE-2025-67978

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FixBD Educare educare allows Reflected XSS.This issue affects Educare: from n/a through = 1.6.1...

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
NVD
NVDadded 2026/02/20 4:22 p.m.2 views

CVE-2025-67978

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FixBD Educare educare allows Reflected XSS.This issue affects Educare: from n/a through = 1.6.1...

7.1CVSS0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.6 views

CVE-2025-67978

CVE-2025-67978 is a WordPress Educare plugin vulnerability (educare) with Cross-Site Scripting (XSS) affecting versions up to and including 1.6.1. The root cause is improper neutralization of input during web page generation, enabling XSS payloads to be reflected in generated pages. Public source...

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/20 3:46 p.m.19 views

CVE-2025-67978 WordPress Educare plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FixBD Educare educare allows Reflected XSS.This issue affects Educare: from n/a through = 1.6.1...

7.1CVSS0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.2 views

CVE-2025-67978 WordPress Educare plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FixBD Educare educare allows Reflected XSS.This issue affects Educare: from n/a through = 1.6.1...

5.3AI score0.00045EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/20 12:0 a.m.4 views

WordPress plugin Educare 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.7AI score0.00045EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/20 12:0 a.m.4 views

PT-2026-21051

Name of the Vulnerable Software and Affected Versions FixBD Educare versions through 1.6.1 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting XSS issue. This allows for the injection of malicious...

6AI score0.00045EPSS
Exploits0References3
Patchstack
Patchstackadded 2026/01/28 8:46 a.m.4 views

WordPress Educare plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin Educare versions = 1.6.1...

7.1CVSS5.9AI score0.00045EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2025/10/28 12:27 a.m.7 views

CVE-2025-60982

IDOR vulnerability in Educare ERP 1.0 2025-04-22 allows unauthorized access to sensitive data via manipulated object references. Affected endpoints do not enforce proper authorization checks, allowing authenticated users to access or modify data belonging to other users by changing object...

5.4CVSS6.5AI score0.00041EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/27 6:31 p.m.2 views

EUVD-2025-36220

IDOR vulnerability in Educare ERP 1.0 2025-04-22 allows unauthorized access to sensitive data via manipulated object references. Affected endpoints do not enforce proper authorization checks, allowing authenticated users to access or modify data belonging to other users by changing object...

5.4CVSS6.1AI score0.00041EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/10/27 12:0 a.m.4 views

CVE-2025-60982

IDOR vulnerability in Educare ERP 1.0 2025-04-22 allows unauthorized access to sensitive data via manipulated object references. Affected endpoints do not enforce proper authorization checks, allowing authenticated users to access or modify data belonging to other users by changing object...

0.00041EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/10/27 12:0 a.m.2 views

Educare Education Management System 安全漏洞

Educare Education Management System is a course management online platform from Educare Nigeria. A security vulnerability exists in the Educare Education Management System version 1.0 that stems from a failure to perform proper authorization checks, which could result in unauthorized access or...

5.4CVSS6.3AI score0.00041EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.2 views

PT-2025-43998

Name of the Vulnerable Software and Affected Versions Educare ERP version 1.0 Description An IDOR Insecure Direct Object Reference vulnerability exists that allows unauthorized access to sensitive data through manipulated object references. Affected API endpoints do not enforce proper authorizati...

5.4CVSS6.1AI score0.00041EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/10/27 12:0 a.m.2 views

CVE-2025-60982

IDOR vulnerability in Educare ERP 1.0 2025-04-22 allows unauthorized access to sensitive data via manipulated object references. Affected endpoints do not enforce proper authorization checks, allowing authenticated users to access or modify data belonging to other users by changing object...

6.2AI score0.00041EPSS
Exploits0References2
CVE
CVEadded 2025/10/27 12:0 a.m.8 views

CVE-2025-60982

CVE-2025-60982 is an IDOR vulnerability in Educare ERP 1.0. Affected API endpoints fail to enforce authorization, allowing authenticated users to access or modify data belonging to other users by altering object identifiers. The issue is described consistently across multiple feeds (Red Hat, ENIS...

5.4CVSS6.2AI score0.00041EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-29858

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:10 a.m.3 views

CVE-2023-25971

Cross-Site Request Forgery CSRF vulnerability in FixBD Educare plugin = 1.4.1 versions...

8.8CVSS8.9AI score0.00099EPSS
Exploits0References1
WPVulnDB
WPVulnDBadded 2023/11/29 12:0 a.m.9 views

Educare < 1.4.7 - Missing Authorization to Sensitive Information Exposure

Description The Educare plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the educaregetdatafromstudents function in versions up to, and including, 1.4.6. This makes it possible for authenticated attackers, with subscriber-level permissions and...

6.5AI score
Exploits0References1Affected Software1
OSV
OSVadded 2023/05/26 12:15 p.m.2 views

CVE-2023-25971

Cross-Site Request Forgery CSRF vulnerability in FixBD Educare plugin = 1.4.1 versions...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2023/05/26 12:15 p.m.11 views

CVE-2023-25971

Cross-Site Request Forgery CSRF vulnerability in FixBD Educare plugin = 1.4.1 versions...

8.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Rows per page
Query Builder