37 matches found
Debug Info <= 1.3.10 - Authenticated (Admin+) Stored Cross-Site Scripting
Description: The Debug Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2024-34565 WordPress Debug Info plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debug Info allows Stored XSS. This issue affects Debug Info: from n/a through 1.3.10...
WordPress Debug Info plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Jakick (Patchstack Alliance) in WordPress Plugin Debug Info (versions <= 1.3.10)...
SUSE-SU-2023:3507-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: CVE-2023-20900: Fixed SAML token signature bypass vulnerability (bsc#1214566). This update also ships an open-vm-tools-containerinfo plugin (jsc#PED-3421)...
CVE-2022-38061
Authenticated (author+) CSV Injection vulnerability in Export Post Info plugin <= 1.2.0 at WordPress...
Input validation
Authenticated (author+) CSV Injection vulnerability in Export Post Info plugin <= 1.2.0 at WordPress...
CVE-2022-38061
CVE-2022-38061 concerns the WordPress plugin Export Post Info (versions ≤ 1.2.0). The vulnerability is an authenticated CSV injection in CSV exports, allowing an author-or-higher user to inject data during export. Reported as authenticated CSV injection with impact to data integrity (per CVSS ref...
CVE-2022-38068
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress...
Cross site scripting
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress...
WordPress WP Last Modified Info plugin <= 1.6.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Jeroen Mulder in WordPress WP Last Modified Info plugin (versions <= 1.6.5). Solution: Update the WordPress WP Last Modified Info plugin to the latest available version (at least 1.6.6)...
ALPINE-CVE-2018-11780
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2...
DEBIAN-CVE-2016-9998
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/infoplugin.php involving the $plugin parameter, as demonstrated by a /ecrire/?exec=infoplugin URL...
UBUNTU-CVE-2016-9998
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/infoplugin.php involving the $plugin parameter, as demonstrated by a /ecrire/?exec=infoplugin URL...
Ghisler Total Commander FileInfo plugin Denial of Service Vulnerability
Ghisler Total Commander (formerly Windows Commander) is a suite of disk file management software from the Swiss company Ghisler that replaces Explorer. File Info is one of the file information plug-ins. A security vulnerability exists in the Ghisler Total Commander File Info plug-in. A remote attack...
Total Commander File Info plugin vulnerable to denial of service via an out-of-bounds read
Overview: Total Commander's File Info plugin version 2.21 attempts an out-of-bounds read when reading a file carefully crafted by an attacker. Description: CWE-125: Out-of-bounds Read - CVE-2015-2869. An attacker that can control the contents of certain file types may be able to cause an out-of-bound...
Total Commander FileInfo Plugin Multiple Denial of Service Vulnerabilities
Talos Vulnerability Report TALOS-2015-0024: Total Commander FileInfo Plugin Multiple Denial of Service Vulnerabilities. July 16, 2015. CVE Number: CVE-2015-2869. Description: Multiple exploitable denial of service vulnerabilities exist in the FileInfo Plugin for Total Commander. An attacker who can...