CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8176 matches found

NVD•added 2024/02/01 11:15 a.m.•14 views

CVE-2023-51695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPEverest Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! allows Stored XSS.This issue affects Everest Forms – Build Contact Forms, Surveys, Polls,...

5.9CVSS5.7AI score0.00336EPSS

Exploits0References1

OSV•added 2024/02/01 11:15 a.m.•19 views

CVE-2023-51695

4.8CVSS6.7AI score

Exploits0References1

OSV•added 2024/02/01 11:15 a.m.•3 views

CVE-2023-51536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2...

4.8CVSS7.3AI score0.00336EPSS

Exploits0References1

NVD•added 2024/02/01 11:15 a.m.•11 views

CVE-2023-51536

5.9CVSS5.7AI score0.00336EPSS

Exploits0References1

Prion•added 2024/02/01 11:15 a.m.•13 views

Cross site scripting

4.3CVSS7AI score0.00336EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/02/01 11:7 a.m.•14 views

CVE-2023-51695 WordPress Everest Forms Plugin <= 2.0.4.1 is vulnerable to Cross Site Scripting (XSS)

5.9CVSS6.7AI score0.00336EPSS

Exploits0References1

Cvelist•added 2024/02/01 11:7 a.m.•16 views

CVE-2023-51695 WordPress Everest Forms Plugin <= 2.0.4.1 is vulnerable to Cross Site Scripting (XSS)

5.9CVSS5.9AI score0.00336EPSS

Exploits0References1

CVE•added 2024/02/01 11:7 a.m.•40 views

CVE-2023-51695

The CVE-2023-51695 entry concerns the WordPress plugin Everest Forms (Build Contact Forms, Surveys, Polls, Application Forms, and related functionality). A stored Cross-Site Scripting (XSS) vulnerability exists due to improper neutralization of input during web page generation, affecting Everest ...

5.9CVSS6.5AI score0.00336EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/02/01 10:25 a.m.•14 views

CVE-2023-51536 WordPress CRM Perks Forms Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

5.9CVSS6.7AI score0.00336EPSS

Exploits0References1

Cvelist•added 2024/02/01 10:25 a.m.•22 views

CVE-2023-51536 WordPress CRM Perks Forms Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

5.9CVSS5.9AI score0.00336EPSS

Exploits0References1

NVD•added 2024/02/01 10:15 a.m.•28 views

CVE-2023-52192

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11...

6.5CVSS6.4AI score0.00322EPSS

Exploits0References1

OSV•added 2024/02/01 10:15 a.m.•3 views

CVE-2023-52192

5.4CVSS7.3AI score0.00322EPSS

Exploits0References1

Prion•added 2024/02/01 10:15 a.m.•17 views

Cross site scripting

4.9CVSS6.9AI score0.00322EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/02/01 9:52 a.m.•36 views

CVE-2023-52192 WordPress Keap Official Opt-in Forms Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

6.5CVSS6.6AI score0.00322EPSS

Exploits0References1

CVE•added 2024/02/01 9:52 a.m.•44 views

CVE-2023-52192

CVE-2023-52192: Keap Official Opt-in Forms for WordPress is vulnerable to Stored Cross-Site Scripting due to improper input neutralization. Affected are Keap Official Opt-in Forms up to version 1.0.11 (and related notes indicate the issue may persist in older builds). The vulnerability stems from...

6.5CVSS6.7AI score0.00322EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/02/01 4:31 a.m.•13 views

CVE-2024-1130 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_read()

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the setread function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with...

5.3CVSS6.7AI score0.00598EPSS

Exploits0References7

CVE•added 2024/02/01 4:31 a.m.•64 views

CVE-2024-1130

The CVE CVE-2024-1130 concerns the WordPress plugin NEX-Forms – Ultimate Form Builder. A missing capability check in the set_read() function allowed authenticated users with subscriber+ access to mark records as read, affecting all versions up to 8.5.6. Publicly disclosed remediation indicates th...

5.3CVSS5.9AI score0.00598EPSS

Exploits0References7Affected Software1

Cvelist•added 2024/02/01 4:31 a.m.•22 views

CVE-2024-1130 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_read()

5.3CVSS5.3AI score0.00598EPSS

Exploits0References7

Vulnrichment•added 2024/02/01 4:31 a.m.•15 views

CVE-2024-0907

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the restorerecords function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with...

5.3CVSS5AI score0.00598EPSS

Exploits0References7

CVE•added 2024/02/01 4:31 a.m.•65 views

CVE-2024-0907

CVE-2024-0907 affects the WordPress plugin NEX-Forms – Ultimate Form Builder (restore_records() function). Root cause: missing capability check allows unauthorized access to restore records. Affected versions: all up to and including 8.5.6 (per CVE entry). Impact: authenticated users with subscri...

5.3CVSS5.9AI score0.00598EPSS

Exploits0References7Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by