CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

62 matches found

NVD•added 2026/05/20 5:16 a.m.•12 views

CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

4.3CVSS0.0003EPSS

Exploits0References2

CVE•added 2025/11/11 3:30 a.m.•9 views

CVE-2025-11997

CVE-2025-11997 affects the WordPress plugin Document Pro Elementor – Documentation & Knowledge Base. The root cause is information exposure via frontend JS: Algolia API keys are exposed through wp_localize_script without proper access controls, enabling unauthenticated users to view keys in page ...

5.3CVSS5.7AI score0.00046EPSS

Exploits0References3

CVE•added 2025/11/05 6:35 a.m.•13 views

CVE-2025-12139

The CVE-2025-12139 vulnerability affects the File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress. The issue, present in all versions up to 1.5.3, stems from improper protection of the get_localize_data function and enables unauthenticated attackers to exfilt...

7.5CVSS5.3AI score0.18105EPSS

Exploits0References5

CNNVD•added 2025/11/05 12:0 a.m.•1 views

WordPress plugin integrate-google-drive 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin integrate-google-drive has an information disclosure vulnerability, the...

7.5CVSS5.7AI score0.18105EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-45761

Malicious code in bioql PyPI...

8.8CVSS9AI score0.0007EPSS

Exploits0References1

CNNVD•added 2024/09/03 12:0 a.m.•1 views

LimeSurvey 安全漏洞

LimeSurvey PHPSurveyor is a set of open source online questionnaire survey program from LimeSurvey team, which supports survey program development, questionnaire publishing and data collection. A security vulnerability exists in LimeSurvey version v6.6.2 and earlier versions, which stems from an...

8.8CVSS7.6AI score0.00215EPSS

Exploits1References4

Patchstack•added 2024/07/03 6:23 a.m.•1 views

WordPress nicen-localize-image plugin <= 1.4.0 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin nicen-localize-image versions = 1.4.0...

7AI score

Exploits0References1Affected Software1

Patchstack•added 2024/07/03 12:0 a.m.•4 views

WordPress nicen-localize-image Plugin <= 1.4.1 is vulnerable to Backdoor

Software nicen-localize-image Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9cc7d9fd0cd5 Credits Sansec.io Required privilege Unauthenticated Published 3 July,...

7.2AI score

Exploits0References3Affected Software1

OSV•added 2024/06/25 1:49 p.m.•3 views

MAL-2024-6728 Malicious code in auto-localize (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0References1

OSSF Malicious Packages•added 2024/06/25 1:49 p.m.•2 views

Malicious code in auto-localize (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References1

OSV•added 2024/06/25 1:46 p.m.•4 views

MAL-2024-6455 Malicious code in activeadmin_mongoid-localize (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0References1

OSSF Malicious Packages•added 2024/06/25 1:46 p.m.•2 views

Malicious code in activeadmin_mongoid-localize (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References1

OSV•added 2023/10/03 2:15 p.m.•0 views

CVE-2023-41244