CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Patchstack•added 2026/01/30 6:22 a.m.•4 views

WordPress profile-builder plugin < 3.11.9 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by John Castro in WordPress Plugin Profile Builder versions 3.11.9...

9.8CVSS5.9AI score0.01084EPSS

Exploits1References1Affected Software1

Patchstack•added 2022/05/04 12:0 a.m.•30 views

WordPress Andrea Pernici News Sitemap for Google plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by John Castro aka mirphak Pagely in WordPress Andrea Pernici News Sitemap for Google plugin versions = 1.0.16. Solution No patched version is available...

5.4CVSS2AI score0.0018EPSS

Exploits0References2Affected Software1

Patchstack•added 2021/10/07 12:0 a.m.•15 views

WordPress Comment Engine Pro plugin <= 1.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by John Castro Pagely in WordPress Comment Engine Pro plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 7, 2021 and is not available for download. Reason: Security Issue...

5.4CVSS2.2AI score0.00176EPSS

Exploits0References2Affected Software1

Patchstack•added 2021/02/24 12:0 a.m.•8 views

WordPress WooCommerce Customers Manager premium plugin <= 26.4 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by John Castro Pagely.com in WordPress WooCommerce Customers Manager premium plugin versions = 26.4. Solution Update the WordPress WooCommerce Customers Manager premium plugin to the latest available version at least 26.5...

2.2AI score

Exploits0References1Affected Software1

Patchstack•added 2020/06/22 12:0 a.m.•8 views

WordPress YITH WooCommerce Ajax Product Filter plugin <= 3.11.0 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability found by John Castro in WordPress YITH WooCommerce Ajax Product Filter plugin versions = 3.11.0. Solution Update the WordPress YITH WooCommerce Ajax Product Filter plugin to the latest available version at least 3.11.1...

2.5AI score

Exploits0References2Affected Software1

Patchstack•added 2019/05/21 12:0 a.m.•7 views

WordPress WP Live Chat Support plugin <= 8.0.26 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability found by John Castro Sucuri in WordPress WP Live Chat Support plugin versions = 8.0.26. Solution 21 May 2019 - This plugin has been closed for new installations...

1.5AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by