CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm News•added 2025/11/17 12:0 a.m.•2 views

Average Hardness of SIVP for Module Lattices of Fixed Rank

The problem of finding short vectors in Euclidean lattices is a central hard problem in complexity theory. The case of module lattices i.e., lattices which are also modules over a number ring is of particular interest for cryptography and computational number theory. The hardness of finding short...

6.5AI score

RedhatCVE•added 2025/11/14 10:11 a.m.•12 views

CVE-2025-64264

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

5.9CVSS6AI score0.00141EPSS

Vulnrichment•added 2025/11/13 1:23 p.m.•9 views

CVE-2025-41069 Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite

Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...

5.3CVSS6.4AI score0.00215EPSS

EUVD•added 2025/11/13 12:31 p.m.•3 views

EUVD-2025-163781

5.9CVSS5.5AI score0.00141EPSS

NVD•added 2025/11/13 10:15 a.m.•9 views

CVE-2025-64264

5.9CVSS0.00141EPSS

Cvelist•added 2025/11/13 9:24 a.m.•17 views

CVE-2025-64264 WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00141EPSS

Vulnrichment•added 2025/11/13 9:24 a.m.•3 views

CVE-2025-64264 WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

5.9CVSS5.6AI score0.00141EPSS

CVE•added 2025/11/13 9:24 a.m.•8 views

CVE-2025-64264

Summary: CVE-2025-64264 affects the WordPress Popup addon for Ninja Forms plugin (versions ≤ 3.5.1). The issue is an "Improper Neutralization of Input During Web Page Generation" (Stored XSS) vulnerability caused by insufficient filtering/escaping of user-supplied data in the popup addon. The con...

5.9CVSS5.6AI score0.00141EPSS

CNNVD•added 2025/11/13 12:0 a.m.•2 views

WordPress plugin Popup addon for Ninja Forms 安全漏洞

WordPress Popup addon for Ninja Forms plugin is a WordPress form plugin that supports the creation of contact forms, signup forms and more. Its Popup/Modal plugin generates informational or promotional popups for email subscriptions, login signups, and other scenarios. A cross-site scripting...

5.9CVSS5.8AI score0.00141EPSS

Positive Technologies•added 2025/11/13 12:0 a.m.•10 views

PT-2025-46800

5.9AI score0.00141EPSS

CNVD•added 2025/11/12 12:0 a.m.•5 views

WordPress Gravity Forms plugin arbitrary file upload vulnerability

WordPress Gravity Forms plugin is a professional forms plugin for the WordPress platform, mainly used to create and manage various interactive forms, supporting data collection, payment processing, workflow automation and other features. WordPress Gravity Forms plugin has an arbitrary file upload...

9.8CVSS8.3AI score0.00659EPSS

Patchstack•added 2025/11/10 1:29 a.m.•5 views

WordPress HTML Forms plugin <= 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin HTML Forms versions = 1.5.5...

4.4CVSS5.5AI score0.00168EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/11/10 12:0 a.m.•3 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in versions prior to JetBrains YouTrack 2025.3.104432, which...

7.5CVSS6.2AI score0.0028EPSS

Packet Storm News•added 2025/11/10 12:0 a.m.•4 views

Wapiti Web Application Vulnerability Scanner 3.2.9 Source Code

7.2AI score

Packet Storm News•added 2025/11/10 12:0 a.m.•3 views

Wapiti Web Application Vulnerability Scanner 3.2.9

7AI score

RedhatCVE•added 2025/11/08 7:41 a.m.•7 views

CVE-2025-12352

The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the copypostimage function in all versions up to, and including, 2.9.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's serv...

9.8CVSS7.5AI score0.00659EPSS

Cvelist•added 2025/11/08 3:27 a.m.•6 views

CVE-2025-12125 HTML Forms <= 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting

The HTML Forms – Simple WordPress Forms Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00168EPSS

Vulnrichment•added 2025/11/08 3:27 a.m.•2 views

CVE-2025-12125 HTML Forms <= 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS4.5AI score0.00168EPSS

CVE•added 2025/11/08 3:27 a.m.•20 views

CVE-2025-12125

CVE-2025-12125 corresponds to a Stored Cross-Site Scripting vulnerability in the WordPress plugin HTML Forms – Simple WordPress Forms Plugin. The issue arises from insufficient input sanitization and output escaping in admin settings, making authenticated attackers with administrator-level permis...

4.4CVSS4.6AI score0.00168EPSS