CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/22 12:0 a.m.•5 views

CIOP-PIB STER 安全漏洞

CIOP-PIB STER is a occupational safety and human ergonomics risk assessment software system developed by the Polish company CIOP-PIB. Versions of CIOP-PIB STER prior to version 9.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of unencrypted TCP traffic for data...

8.7CVSS5.8AI score0.00034EPSS

Exploits0References2

EUVD•added 2026/04/22 9:31 a.m.•0 views

EUVD-2026-24636

The Institute Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Enquiry Form Title' setting in all versions up to, and including, 5.5. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

NVD•added 2026/04/22 9:16 a.m.•1 views

Exploits0References4

CVE-2026-2714

4.4CVSS0.00011EPSS

Cvelist•added 2026/04/22 7:45 a.m.•21 views

CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting

4.4CVSS0.00011EPSS

Vulnrichment•added 2026/04/22 7:45 a.m.•0 views

CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting

ATTACKERKB•added 2026/04/22 7:45 a.m.•1 views

CVE-2026-2714

CVE•added 2026/04/22 7:45 a.m.•3 views

Exploits0References4

CVE-2026-2714

CVE-2026-2714 affects the Institute Management plugin for WordPress (up to version 5.5). The vulnerability is a stored cross-site scripting issue in the Enquiry Form Title setting caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at Administ...

Positive Technologies•added 2026/04/22 12:0 a.m.•2 views

PT-2026-34271

CNNVD•added 2026/04/22 12:0 a.m.•2 views

Exploits0References5

WordPress plugin Institute Management 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. In versions...

The Hacker News•added 2026/04/07 4:29 p.m.•4 views

Exploits0References1

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity programs are maturing, yet the risk is actually increasing. According to new research from the Ponemon Institute , hundreds of applications within the typical enterprise...

6AI score

Positive Technologies•added 2026/03/26 12:0 a.m.•0 views

PT-2026-28798

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

3.7CVSS5.9AI score0.00035EPSS

Exploits0References6

Circl•added 2026/03/23 4:16 a.m.•0 views

CVE-2026-4571

creationtimestamp| type| source ---|---|--- 2026-03-23 04:16:07+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4571...

6.5CVSS5.8AI score0.00035EPSS

Exploits1References1

Positive Technologies•added 2026/02/07 12:0 a.m.•3 views

PT-2026-6904

Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...

5.1CVSS5.4AI score0.00023EPSS

Packet Storm•added 2025/12/23 12:0 a.m.•119 views

📄 Institute Admission Software 2.5 SQL Injection

Institute Admission Software version 2.5 suffers from a remote SQL injection vulnerability. ============================================================================================================================================= | Title : Institute Admission Software 2.5 SQL INjection...

8.2AI score

Packet Storm•added 2025/12/19 12:0 a.m.•116 views

📄 Institute Admission Software 2.5 Shell Upload

Institute Admission Software version 2.5 fails to properly validate and restrict uploaded files in the gallery upload functionality within the admin panel. =============================================================================================================================================...

7.1AI score

Packet Storm•added 2025/12/17 12:0 a.m.•119 views

📄 Institute Admission Software 2.5 Insecure Direct Object Reference

Institute Admission Software version 2.5 suffers from an insecure direct object reference vulnerability. ============================================================================================================================================= | Title : Institute Admission Software 2.5 IDOR...

7AI score