CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Positive Technologies•added 2026/04/16 12:0 a.m.•5 views

PT-2026-33308

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded image title in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

5.4CVSS5.9AI score0.00258EPSS

Exploits0References3

Patchstack•added 2026/01/06 11:23 p.m.•4 views

WordPress My Album Gallery plugin <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Image Title vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin My Album Gallery versions = 1.0.4...

6.4CVSS5.5AI score0.00234EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-12369

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00288EPSS

Exploits1References3

OSV•added 2024/03/29 7:15 a.m.•4 views

CVE-2024-2108

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes ...

5.4CVSS7.4AI score0.00343EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by