CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-34895

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00064EPSS

Exploits0References1

RedhatCVE•added 2025/07/28 7:34 a.m.•5 views

CVE-2025-5529

The Educenter theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Circle Counter Block in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS5.5AI score0.00163EPSS

Exploits0References1

NVD•added 2025/07/26 8:15 a.m.•2 views

CVE-2025-5529

6.4CVSS0.00163EPSS

Exploits0References3

Vulnrichment•added 2025/07/26 7:23 a.m.•2 views

CVE-2025-5529 Educenter <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.5AI score0.00163EPSS

Exploits0References3

CVE•added 2025/07/26 7:23 a.m.•11 views

CVE-2025-5529

CVE-2025-5529 concerns the Educenter WordPress theme. According to connected sources, the vulnerability is a stored cross-site scripting (XSS) in the Circle Counter Block affecting Educenter versions up to 1.6.2, caused by insufficient input sanitization and output escaping. Exploitation requires...

6.4CVSS5.6AI score0.00163EPSS

Exploits0References3

Cvelist•added 2025/07/26 7:23 a.m.•5 views

CVE-2025-5529 Educenter <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00163EPSS

Exploits0References3

Positive Technologies•added 2025/07/26 12:0 a.m.•2 views

PT-2025-30967 · WordPress · Educenter

Name of the Vulnerable Software and Affected Versions: Educenter theme for WordPress versions prior to 1.6.3 Description: The Educenter theme for WordPress is susceptible to Stored Cross-Site Scripting through the Circle Counter Block. Insufficient input sanitization and output escaping allows...

6.4CVSS5.8AI score0.00163EPSS

Exploits0References5

CNNVD•added 2025/07/26 12:0 a.m.•1 views

WordPress plugin Educenter 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.7AI score0.00163EPSS

Exploits0References3

Patchstack•added 2025/07/25 10:0 p.m.•3 views

WordPress Educenter plugin <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Theme Educenter versions = 1.6.2...

6.4CVSS5.8AI score0.00163EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/07/25 12:0 a.m.•4 views

WordPress Educenter Theme <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Educenter Type Theme Vulnerable versions = 1.6.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-5529 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8465b696cfd2 Credits Peter Thaleikis Required privileg...

6.4CVSS5.7AI score0.00163EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2025/05/23 3:43 a.m.•5 views

CVE-2023-30480

Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5...

4.3CVSS8.6AI score0.00064EPSS

Exploits0References1

NVD•added 2024/03/25 5:15 a.m.•10 views

CVE-2023-30480

Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5...

4.3CVSS4.7AI score0.00064EPSS

Exploits0References1

Vulnrichment•added 2024/03/25 4:48 a.m.•9 views

CVE-2023-30480 WordPress Educenter theme <= 1.5.5 - Broken Access Control

Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5...

4.3CVSS7AI score0.00064EPSS

Exploits0References1

CVE•added 2024/03/25 4:48 a.m.•47 views

CVE-2023-30480

CVE-2023-30480 covers a Missing Authorization/Broken Access Control in the Sparkle WP Educenter theme (Educenter

4.3CVSS8.6AI score0.00064EPSS

Exploits0References1

Cvelist•added 2024/03/25 4:48 a.m.•18 views

CVE-2023-30480 WordPress Educenter theme <= 1.5.5 - Broken Access Control

Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5...

4.3CVSS5AI score0.00064EPSS

Exploits0References1

CNNVD•added 2024/03/25 12:0 a.m.•2 views

WordPress Plugin Educenter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS8.3AI score0.00064EPSS

Exploits0References2

Positive Technologies•added 2024/03/24 12:0 a.m.•3 views

PT-2024-12238 · WordPress · Sparkle Wp Educenter

Name of the Vulnerable Software and Affected Versions: Sparkle WP Educenter versions 1.5.5 and earlier Description: The issue is related to a Missing Authorization vulnerability in Sparkle WP Educenter. Recommendations: For Sparkle WP Educenter versions 1.5.5 and earlier, update to a version that...

4.3CVSS9.3AI score0.00064EPSS

Exploits0References5

Patchstack•added 2023/04/14 12:0 a.m.•10 views

WordPress Educenter Theme <= 1.5.5 is vulnerable to Broken Access Control

Software Educenter Type Theme Vulnerable versions = 1.5.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-30480 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5f9286f8d48f Credits Dave Jong Patchstack Required privileg...

4.3CVSS6.9AI score0.00064EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by