CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

EUVD•added 2026/02/03 2:8 p.m.•1 views

EUVD-2026-5250

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

5.4CVSS5.3AI score0.00053EPSS

Exploits0References1

Positive Technologies•added 2026/02/03 12:0 a.m.•2 views

PT-2026-6236

Name of the Vulnerable Software and Affected Versions Fahad Mahmood WP Docs versions through 2.2.8 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Update...

5.4CVSS5.4AI score0.00053EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 9:48 a.m.•6 views

CVE-2020-24314

Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the "t" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL...

6.1CVSS6AI score0.0023EPSS

Exploits2References1

NVD•added 2026/01/06 5:15 p.m.•2 views

CVE-2025-69349

Missing Authorization vulnerability in Fahad Mahmood RSS Feed Widget rss-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RSS Feed Widget: from n/a through = 3.0.2...

5.4CVSS0.00069EPSS

Exploits0References1

NVD•added 2025/12/31 5:15 p.m.•5 views

CVE-2025-62078

Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files During Checkout easy-upload-files-during-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Upload Files During Checkout: from n/a through = 3.0.0...

4.3CVSS0.0001EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-9466

Malicious code in bioql PyPI...

8.5CVSS8.8AI score0.00168EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2025-17238

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00423EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-35453

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/06/08 1:19 p.m.•3 views

CVE-2025-30999

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Fahad Mahmood External Store for Shopify wp-shopify allows PHP Local File Inclusion.This issue affects External Store for Shopify: from n/a through = 1.5.9...

7.5CVSS5.9AI score0.00423EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:0 a.m.•1 views

CVE-2024-47321

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker wp-datepicker.This issue affects WP Datepicker: from n/a through = 2.1.1...

9.8CVSS5.9AI score0.00304EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:33 a.m.•3 views

CVE-2024-22153

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9...

5.9CVSS6.5AI score0.00068EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 9:34 p.m.•4 views

CVE-2025-31089

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

8.5CVSS7.3AI score0.00168EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 8:58 p.m.•4 views

CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

8.5CVSS7.2AI score0.00168EPSS

Exploits0References1

Cvelist•added 2025/04/01 8:58 p.m.•11 views

CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

8.5CVSS0.00168EPSS

Exploits0References1

CVE•added 2025/04/01 8:58 p.m.•40 views

CVE-2025-31089

CVE-2025-31089 involves Order Splitter for WooCommerce. The vulnerability is an SQL Injection in the plugin, reported as affecting Order Splitter for WooCommerce versions up to and including 5.3.0. Root cause: improper neutralization of input elements used in SQL commands. Exploitation requires a...

8.5CVSS7.3AI score0.00168EPSS

Exploits0References1

RedhatCVE•added 2025/02/18 10:26 p.m.•6 views

CVE-2025-26779

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through = 2.1.0...

4.9CVSS7.2AI score0.00114EPSS

Exploits0References1

OSV•added 2025/01/07 11:15 a.m.•0 views

CVE-2024-56288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1...

4.8CVSS7.3AI score0.00135EPSS

Exploits0References1

NVD•added 2025/01/07 11:15 a.m.•7 views

CVE-2024-56288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs wp-docs allows Stored XSS.This issue affects WP Docs: from n/a through = 2.2.1...

5.9CVSS0.00135EPSS

Exploits0References1

OSV•added 2024/12/09 1:15 p.m.•1 views

CVE-2023-30873

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8...

8.8CVSS5.8AI score

Exploits0References1

ATTACKERKB•added 2024/12/09 1:15 p.m.•3 views

CVE-2023-30873

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 1.9.8...

8.8CVSS5.8AI score0.00177EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by