CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF in LXD-UI in Canonical LXD versions = 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication...

7.5CVSS6.5AI score0.0012EPSS

Exploits1References1

RedhatCVE•added 2025/10/05 2:51 a.m.•6 views

CVE-2025-11227

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.10.0 via the 'registerGetForm', 'registerGetForms', 'registerGetCampaign' and 'registerGetCampaigns' functions due to a missing capability check...

6.5CVSS5.5AI score0.00254EPSS

Exploits0References1

RedhatCVE•added 2025/10/04 11:53 a.m.•6 views

CVE-2025-10309

The PayPal Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing nonce validation on the form creation and management functions. This makes it possible for unauthenticated attackers to create new PayPal forms and...

4.3CVSS5.4AI score0.00133EPSS

Exploits0References1

EUVD•added 2025/10/04 3:32 a.m.•3 views

EUVD-2025-32419

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the registerAssociateFormsWithCampaign function in all versions up to, and including, 4.10.0. This makes it possible for unauthenticat...

5.3CVSS4.8AI score0.00266EPSS

Exploits0References4

EUVD•added 2025/10/04 3:32 a.m.•4 views

EUVD-2025-32424

6.5CVSS5AI score0.00254EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by