CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/29 9:30 a.m.•2 views

EUVD-2025-36631

Cross-Site Request Forgery CSRF vulnerability in Allegro Marketing hpb seo plugin for WordPress hpbseo allows Reflected XSS.This issue affects hpb seo plugin for WordPress: from n/a through = 3.0.1...

7.1CVSS6.4AI score0.00016EPSS

Exploits0References2

NVD•added 2025/10/29 9:15 a.m.•3 views

CVE-2025-60075

7.1CVSS0.00016EPSS

Exploits0References1

Vulnrichment•added 2025/10/29 8:38 a.m.•2 views

CVE-2025-60075 WordPress hpb seo plugin for WordPress plugin <= 3.0.1 - Cross Site Request Forgery (CSRF) vulnerability

7.1CVSS6.6AI score0.00016EPSS

Exploits0References1

CVE•added 2025/10/29 8:38 a.m.•8 views

CVE-2025-60075

CVE-2025-60075 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Allegro Marketing hpb seo WordPress plugin (hpbseo) affecting versions up to and including 3.0.1. The issue permits a reflected XSS vector due to insufficient CSRF protections. The common sources (NVD, Red Hat, EUVD...

7.1CVSS6.6AI score0.00016EPSS

Exploits0References1

Cvelist•added 2025/10/29 8:38 a.m.•4 views

CVE-2025-60075 WordPress hpb seo plugin for WordPress plugin <= 3.0.1 - Cross Site Request Forgery (CSRF) vulnerability

7.1CVSS0.00016EPSS

Exploits0References1

Positive Technologies•added 2025/10/29 12:0 a.m.•3 views

PT-2025-44240

Name of the Vulnerable Software and Affected Versions Allegro Marketing hpb seo plugin for WordPress versions through 3.0.1 Description The plugin suffers from a Cross-Site Request Forgery CSRF issue, which also allows for Reflected Cross-Site Scripting XSS. The vulnerability exists due to...

7.1CVSS6.1AI score0.00016EPSS

Exploits0References3

CNNVD•added 2025/10/29 12:0 a.m.•2 views

WordPress plugin hpb seo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.1CVSS6.2AI score0.00016EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-24838

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00206EPSS

Exploits2References1

Patchstack•added 2025/07/15 3:1 a.m.•6 views

WordPress hpb seo plugin for WordPress plugin <= 3.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin hpb seo plugin for WordPress versions = 3.0.1...

7.1CVSS7AI score0.00016EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/22 11:31 p.m.•3 views

CVE-2022-1542

The HPB Dashboard WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS6AI score0.00206EPSS

Exploits2References1

Hacker One•added 2022/09/20 3:46 p.m.•29 views

Nextcloud: Guests can continue to receive video streams from call after being removed from a conversation

Summary: If the HPB is used and a guest is removed from a conversation while said guest is in a call the guest will no longer appear in the participant list and the call will appear as ended for the other participants. However, for the guest the call UI is still shown. If other participants start...

4CVSS1.1AI score0.00379EPSS

Exploits0

OSV•added 2022/05/30 9:15 a.m.•3 views

CVE-2022-1542

4.8CVSS5.8AI score0.00206EPSS

Exploits2References1

ATTACKERKB•added 2022/05/30 9:15 a.m.•4 views

CVE-2022-1542

4.8CVSS5.8AI score0.00206EPSS

Exploits2References2

NVD•added 2022/05/30 9:15 a.m.•10 views

CVE-2022-1542

4.8CVSS0.00206EPSS

Exploits2References1

Prion•added 2022/05/30 9:15 a.m.•10 views

Cross site scripting

3.5CVSS4.7AI score0.00206EPSS

Exploits2References1Affected Software1

Cvelist•added 2022/05/30 8:35 a.m.•12 views

CVE-2022-1542 HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting

5.1AI score0.00206EPSS

Exploits2References1

CVE•added 2022/05/30 8:35 a.m.•71 views

CVE-2022-1542

CVE-2022-1542 affects the WordPress HPB Dashboard plugin

4.8CVSS4.8AI score0.00206EPSS

Exploits2References1Affected Software1

CNNVD•added 2022/05/30 12:0 a.m.•3 views

WordPress plugin HPB Dashboard 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress HPB Dashboard plugin, which stems fr...

4.8CVSS5.3AI score0.00206EPSS

Exploits2References2

wpexploit•added 2022/05/09 12:0 a.m.•96 views

HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. Put the following payload in the plugin's settings: "...

4.8CVSS0.7AI score0.00206EPSS

Exploits2

WPVulnDB•added 2022/05/09 12:0 a.m.•13 views

HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. PoC Put the following payload in the plugin's settings: "...

4.8CVSS2.2AI score0.00206EPSS

Exploits2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by