CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3381 matches found

Vulnrichment•added 2025/11/04 4:27 a.m.•2 views

CVE-2025-12410 SH Contextual Help <= 3.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the shcontextualhelpdashboardwidget function. This makes it possible for unauthenticated attackers to update...

6.1CVSS5AI score0.00127EPSS

Exploits0References4

Positive Technologies•added 2025/11/04 12:0 a.m.•7 views

PT-2025-44956

The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the sh contextual help dashboard widget function. This makes it possible for unauthenticated attackers to...

6.1CVSS5.4AI score0.00127EPSS

Exploits0References5

CNNVD•added 2025/11/04 12:0 a.m.•3 views

WordPress plugin SH Contextual Help 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

6.1CVSS6.4AI score0.00127EPSS

Exploits0References4

Snyk•added 2025/10/16 7:51 a.m.•1 views

Malicious Package

Overview redux-saga-help is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

Exploits0References3