CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Vulnrichment•added 2026/03/20 3:7 a.m.•2 views

CVE-2026-31805 Discourse has a poll authorization bypass via post_id array parameter

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an authorization bypass in the poll plugin allowed authenticated users to vote on, remove votes from, or toggle the open/closed status of polls they did not have access to. By passing...

5.3CVSS5.8AI score0.00215EPSS

Exploits0References2

RedhatCVE•added 2026/02/21 7:29 p.m.•5 views

CVE-2025-68854

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in harman79 ID Arrays id-arrays allows DOM-Based XSS.This issue affects ID Arrays: from n/a through = 2.1.2...

7.1CVSS5.5AI score0.00236EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•5 views

CVE-2025-68854

7.1CVSS0.00236EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-68854 WordPress ID Arrays plugin <= 2.1.2 - POST-Based Reflected Cross Site Scripting (XSS) vulnerability

5.3AI score0.00236EPSS

Exploits0References1

Cvelist•added 2026/02/20 3:46 p.m.•23 views

CVE-2025-68854 WordPress ID Arrays plugin <= 2.1.2 - POST-Based Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00236EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•15 views

CVE-2025-68854

CVE-2025-68854 is a WordPress plugin vulnerability in ID Arrays (id-arrays)

7.1CVSS5.5AI score0.00236EPSS

Exploits0References1

Positive Technologies•added 2026/02/20 12:0 a.m.•7 views

PT-2026-21113

Name of the Vulnerable Software and Affected Versions harman79 ID Arrays versions through 2.1.2 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for the potential executio...

5.5AI score0.00236EPSS

Exploits0References3