CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Patchstack•added 2026/05/01 9:33 a.m.•1 views

WordPress Anti-Spam Protection – No API Key, GDPR Friendly plugin <= 2.3.7 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Anti-Spam by Fullworks : GDPR Compliant Spam Protection versions = 2.3.7...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-28043

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00199EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-28038

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00097EPSS

Exploits0References1

Prion•added 2023/04/25 5:15 p.m.•6 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...

4.3CVSS4.8AI score0.00207EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/04/25 12:0 a.m.•1 views

PT-2023-15430 · Fullworks · Fullworks Quick Contact Form

Name of the Vulnerable Software and Affected Versions: Fullworks Quick Contact Form plugin versions = 8.0.3.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions = 8.0.3.1, update t...

5.9CVSS5.3AI score0.00207EPSS

Exploits0References4

OSV•added 2023/04/07 1:15 p.m.•0 views

CVE-2023-25702

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

4.8CVSS5.8AI score

Exploits0References1

OSV•added 2023/04/06 6:15 a.m.•1 views

CVE-2023-23979

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

6.1CVSS6.3AI score

Exploits0References1

Cvelist•added 2023/04/06 5:17 a.m.•12 views

CVE-2023-23979 WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS)

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

7.1CVSS6.1AI score0.00199EPSS

Exploits0References1

Positive Technologies•added 2023/04/06 12:0 a.m.•1 views

PT-2023-19332 · Fullworks · Fullworks Quick Event Manager Plugin

Name of the Vulnerable Software and Affected Versions: Fullworks Quick Event Manager plugin versions prior to 9.7.5 Description: The issue is related to an Unauth. Stored Cross-Site Scripting XSS vulnerability. Recommendations: For versions prior to 9.7.5, update to version 9.7.5 or later to...

7.1CVSS5.7AI score0.00199EPSS

Exploits0References4

OSV•added 2023/03/28 9:15 a.m.•0 views

CVE-2022-46863

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.6.4 versions...

4.8CVSS5.8AI score

Exploits0References1

CNNVD•added 2023/03/01 12:0 a.m.•1 views

WordPress Plugin Fullworks Quick Event Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

5.4CVSS5.6AI score0.00097EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by