CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added yesterday•6 views

EUVD-2026-36931

Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...

7.1CVSS5.1AI score

Exploits0References2

NVD•added yesterday•4 views

CVE-2026-39463

Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...

7.1CVSS

Exploits0References1

CVE•added yesterday•4 views

CVE-2026-39463

CVE-2026-39463 affects the WordPress plugin ManageWP Worker (versions

7.1CVSS5.1AI score

Exploits0References1

Cvelist•added yesterday•22 views

CVE-2026-39463 WordPress ManageWP Worker plugin <= 4.9.31 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...

7.1CVSS

Exploits0References1

Positive Technologies•added yesterday•5 views

PT-2026-49374

Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...

7.1CVSS5.1AI score

Exploits0References2

RedhatCVE•added 2026/06/05 7:21 p.m.•6 views

CVE-2026-3718

The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to, and including, 4.9.31. This is due to insufficient input sanitization and output escaping of attacker-controlled header values. This makes it...

7.2CVSS5.7AI score0.00201EPSS

Exploits0References1

Patchstack•added 2026/05/14 11:12 a.m.•6 views

WordPress ManageWP Worker plugin <= 4.9.31 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by timomangcut in WordPress Plugin ManageWP Worker versions = 4.9.31...

7.2CVSS5.8AI score0.00201EPSS

Exploits0References1Affected Software1

NVD•added 2026/05/14 7:16 a.m.•5 views

CVE-2026-3718

7.2CVSS0.00201EPSS

Exploits0References2

CVE•added 2026/05/14 6:44 a.m.•11 views

CVE-2026-3718

The ManageWP Worker plugin for WordPress is affected by CVE-2026-3718: Stored Cross-Site Scripting via the MWP-Key-Name HTTP header in all versions up to 4.9.31. Root cause: insufficient input sanitization and output escaping of attacker-controlled header values. Impact: unauthenticated attackers...

7.2CVSS6AI score0.00201EPSS

Exploits0References2

ATTACKERKB•added 2026/05/14 6:44 a.m.•4 views

CVE-2026-3718

7.2CVSS6AI score0.00201EPSS

Exploits0References3

CNNVD•added 2026/05/14 12:0 a.m.•6 views

WordPress plugin ManageWP Worker 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.8AI score0.00201EPSS

Exploits0References1

Positive Technologies•added 2026/05/14 12:0 a.m.•6 views

PT-2026-40883

7.2CVSS6AI score0.00201EPSS

Exploits0References3

Patchstack•added 2026/04/13 11:18 a.m.•2 views

WordPress ManageWP Worker plugin <= 4.9.31 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian in WordPress Plugin ManageWP Worker versions = 4.9.31...

5.8AI score

Exploits0Affected Software1

Rows per page