CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-28360

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:47 a.m.•5 views

CVE-2024-30439

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestWebSoft Limit Attempts by BestWebSoft allows Reflected XSS.This issue affects Limit Attempts by BestWebSoft: from n/a through 1.2.9...

7.1CVSS8.6AI score0.00099EPSS

Exploits0References1

OSV•added 2024/11/04 1:17 p.m.•1 views

CVE-2024-51558

This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user OTP, MPIN or password, which could lead to gain...

9.8CVSS5.8AI score0.01587EPSS

Exploits0References1

NVD•added 2024/03/29 6:15 p.m.•15 views

CVE-2024-30439

7.1CVSS6.9AI score0.00099EPSS

Exploits0References1

CVE•added 2024/03/29 5:19 p.m.•57 views

CVE-2024-30439

CVE-2024-30439 is a reflected XSS in BestWebSoft Limit Attempts plugin for WordPress, caused by improper neutralization of input during web page generation. Affected versions are from n/a up to 1.2.9. Public records (Red Hat entry) confirm the root cause and vulnerability class but do not specify...

7.1CVSS8.6AI score0.00099EPSS

Exploits0References1

Cvelist•added 2024/03/29 5:19 p.m.•19 views

CVE-2024-30439 WordPress Limit Attempts by BestWebSoft plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.1AI score0.00099EPSS

Exploits0References1

Positive Technologies•added 2024/03/29 12:0 a.m.•2 views

PT-2024-23367 · Bestwebsoft · Limit Attempts

Name of the Vulnerable Software and Affected Versions: Limit Attempts by BestWebSoft versions 1.2.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...

7.1CVSS9.3AI score0.00099EPSS

Exploits0References5

CNNVD•added 2024/03/29 12:0 a.m.•2 views

WordPress Plugin Limit Attempts by BestWebSoft 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin Limit Attempts by BestWebSoft A...

7.1CVSS7.5AI score0.00099EPSS

Exploits0References3

Positive Technologies•added 2023/04/29 12:0 a.m.•2 views

PT-2023-8053 · Eurotel · Eurotel Etl3100

Name of the Vulnerable Software and Affected Versions: EuroTel ETL3100 versions v01c01 and v01x37 Description: The issue is related to the lack of limitations on authentication attempts, which can be exploited by a remote attacker to gain full access to the system through brute-force guessing of...

9.8CVSS9.6AI score0.00082EPSS

Exploits1References8

CNVD•added 2019/08/28 12:0 a.m.•2 views

WordPress limit-attempts plugin SQL injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blogs on PHP and MySQL servers. limit-attempts is a website security plugin that targets spam and brute-force attacks. A SQL injection vulnerability exists in the WordPres...

9.8CVSS8AI score0.00546EPSS

Exploits0References1

NVD•added 2019/08/22 1:15 p.m.•13 views

CVE-2015-9335

The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling...

9.8CVSS10AI score0.00546EPSS

Exploits0References1

Prion•added 2019/08/22 1:15 p.m.•9 views

Sql injection

The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling...

7.5CVSS8.4AI score0.00546EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/22 12:17 p.m.•45 views

CVE-2015-9335

CVE-2015-9335 : A SQL injection vulnerability exists in the WordPress limit-attempts plugin prior to version 1.1.1 during IP address handling. This affects the plugin used with WordPress, enabling potentially unauthorized SQL commands through crafted input. The CVSS indications show high impact (...

9.8CVSS9.9AI score0.00546EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/22 12:17 p.m.•13 views

CVE-2015-9335

The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling...

10AI score0.00546EPSS

Exploits0References1

Packet Storm•added 2015/12/17 12:0 a.m.•36 views

WordPress Limit Attempts 1.0.3 Cross Site Scripting

Plugin Name : Limit Attempts Effected Version : 1.0.3 and most probably lower version's if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - Proof of Concept : The following fields put the payload a...

7.4AI score

Exploits0

Packet Storm•added 2015/12/17 12:0 a.m.•25 views

WordPress Limit Attempts 1.0.3 Cross Site Request Forgery

Plugin Name : WP Limit Attempts A8-Cross-SiteRequestForgeryCSRF Effected Version : 1.0.3 and most probably lower version's if any Vulnerability : A8-Cross-Site Request Forgery CSRF Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Unauthenticated PoC - Proof of...

7.4AI score

Exploits0

0day.today•added 2015/12/17 12:0 a.m.•17 views

WordPress Limit Attempts 1.0.3 Cross Site Scripting / Cross Site Request Forgery Vulnerabilities

Exploit for php platform in category web applications WordPress Limit Attempts 1.0.3 Cross Site Scripting / Cross Site Request Forgery Vulnerabilities Plugin Name : Limit Attempts Effected Version : 1.0.3 and most probably lower version's if any Identified by : Madhu Akula Technical Details Minim...

7.1AI score

Exploits0