CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Patchstack•added 2026/05/12 10:3 a.m.•17 views

WordPress AIWU plugin <= 1.4.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin AIWU versions = 1.4.21...

7.5CVSS5.9AI score0.00199EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/04/20 6:26 p.m.•2 views

WordPress Website LLMs.txt plugin <= 8.2.6 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Website LLMs.txt versions = 8.2.6...

4.4CVSS5.8AI score0.00031EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/04/20 12:0 a.m.•3 views

WordPress Website LLMs.txt plugin <= 8.2.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Website LLMs.txt versions = 8.2.6...

6.1CVSS5.8AI score0.00087EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/03/22 10:18 p.m.•3 views

WordPress WP-Chatbot for Messenger plugin <= 4.9 - Missing Authorization to Unauthenticated Chatbot Configuration Takeover vulnerability

Missing Authorization to Unauthenticated Chatbot Configuration Takeover vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin WP-Chatbot for Messenger versions = 4.9...

5.3CVSS5.8AI score0.00107EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/03/10 9:38 p.m.•3 views

WordPress Booktics plugin <= 1.0.16 - Missing Authorization to Addon Plugin Installation vulnerability

Missing Authorization to Addon Plugin Installation vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Booktics versions = 1.0.16...

5.3CVSS5.8AI score0.00069EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/02/13 10:2 p.m.•4 views

WordPress Easy Voice Mail plugin <= 1.2.5 - Unauthenticated Stored Cross-Site Scripting via 'message' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'message' vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Easy Voice Mail versions = 1.2.5...

6.1CVSS5.4AI score0.00042EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/01/26 6:56 p.m.•7 views

WordPress Meta-box GalleryMeta plugin <= 3.0.1 - Authenticated (Editor+) Stored Cross-Site Scripting via Image Caption vulnerability

Authenticated Editor+ Stored Cross-Site Scripting via Image Caption vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Meta-box GalleryMeta versions = 3.0.1...

4.4CVSS5.9AI score0.00046EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2023/05/15 8:50 p.m.•30 views

vm2 Sandbox Escape vulnerability

A sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy. Impact A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. Patches Thi...

10CVSS8.1AI score0.61685EPSS

Exploits1References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by