CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

Cvelist•added 2025/12/05 4:29 a.m.•21 views

CVE-2025-12417 SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'surveyfunnellitesurvey' shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This make...

6.4CVSS0.00031EPSS

Exploits0References3

Patchstack•added 2024/04/22 12:0 a.m.•13 views

WordPress 5 Stars Rating Funnel Plugin <= 1.2.67 is vulnerable to Broken Access Control

Software 5 Stars Rating Funnel Type Plugin Vulnerable versions = 1.2.67 Fixed in 1.3.02 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32725 Patch priority Low CVSS severity Low 5.3 Developer Tobias PSID a41d04f55930 Credits Dhabaleshwar Das Required...

5.3CVSS5.2AI score0.00133EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/07/18 12:0 a.m.•6 views

WordPress 5 Stars Rating Funnel Plugin <= 1.2.63 is vulnerable to Cross Site Scripting (XSS)

Software 5 Stars Rating Funnel Type Plugin Vulnerable versions = 1.2.63 Fixed in 1.2.64 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID b28e41895b77 Credits Rafie Muhammad Patchstack Require...

6.4AI score

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by