CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1601 matches found

RedhatCVE•added 2025/10/19 7:43 a.m.•63 views

CVE-2025-10750

The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the 'testUser' endpoint accessible via the moepbradminobserver function hooked ...

5.3CVSS5.4AI score0.00449EPSS

Exploits0References1

NVD•added 2025/10/18 8:15 a.m.•2 views

CVE-2025-10750

5.3CVSS0.00449EPSS

Exploits0References5

Cvelist•added 2025/10/18 7:26 a.m.•10 views

CVE-2025-10750 PowerBI Embed Reports <= 1.2.0 - Unauthenticated Sensitive Information Disclosure

5.3CVSS0.00449EPSS

Exploits0References5

CVE•added 2025/10/18 7:26 a.m.•19 views

CVE-2025-10750

The CVE CVE-2025-10750 concerns the WordPress PowerBI Embed Reports plugin (

5.3CVSS5AI score0.00449EPSS

Exploits0References5

NVD•added 2025/10/18 6:15 a.m.•3 views

CVE-2025-11857

The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxpfb2wpdisplayembed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'postid' parameter. This makes it...

6.4CVSS0.00275EPSS

Exploits0References3

Vulnrichment•added 2025/10/18 5:41 a.m.•4 views

CVE-2025-11857 XX2WP Integration Tools <= 1.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS4.7AI score0.00275EPSS

Exploits0References3

CNNVD•added 2025/10/18 12:0 a.m.•4 views

WordPress plugin PowerBI Embed Reports 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An information...

5.3CVSS6.1AI score0.00449EPSS

Exploits0References6