CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CNNVD•added 2026/04/15 12:0 a.m.•8 views

WordPress plugin Age Verification & Identity Verification by Token of Trust 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS6AI score0.00335EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:46 a.m.•5 views

CVE-2022-4410

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

6.4CVSS5.7AI score0.00555EPSS

Exploits0References1

Veracode•added 2025/05/22 7:9 a.m.•11 views

Cross-site Scripting (XSS)

symfony/ux-live-component and symfony/ux-twig-component is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper output escaping due to unescaped rendering of ComponentAttributes values, which may contain unsafe user input leading to HTML attribute injection...

6.1CVSS5.9AI score0.00202EPSS

Exploits0References10Affected Software2

RedHat Linux•added 2024/07/24 2:5 p.m.•8 views

httpd: Improper escaping of output in mod_rewrite

A flaw was found in the modrewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure...

9.1CVSS7.4AI score0.99957EPSS

Exploits1References6