CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-4549

Malicious code in bioql PyPI...

6.4CVSS9.2AI score0.00271EPSS

Exploits0References4

RedhatCVE•added 2025/02/23 3:29 a.m.•6 views

CVE-2024-13672

The Mini Course Generator | Embed mini-courses and interactive content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mcg' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.00271EPSS

Exploits0References1

OSV•added 2025/02/21 4:15 a.m.•1 views

CVE-2024-13672

5.4CVSS7.4AI score0.00271EPSS

Exploits0References3

CVE•added 2025/02/21 3:21 a.m.•48 views

CVE-2024-13672

CVE-2024-13672 pertains to the WordPress plugin “Mini Course Generator” and enables Stored Cross-Site Scripting via the mcg shortcode on affected pages. The issue affects versions up to 1.0.5 and arises from insufficient input sanitization and output escaping for user-supplied attributes, enablin...

6.4CVSS5.7AI score0.00271EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/02/21 3:21 a.m.•8 views

CVE-2024-13672 Mini Course Generator | Embed mini-courses and interactive content <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00271EPSS

Exploits0References3

Vulnrichment•added 2025/02/21 3:21 a.m.•4 views

CVE-2024-13672 Mini Course Generator | Embed mini-courses and interactive content <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.8AI score0.00271EPSS

Exploits0References3

Positive Technologies•added 2025/02/21 12:0 a.m.•4 views

PT-2025-7377 · WordPress · The Mini Course Generator

Name of the Vulnerable Software and Affected Versions: The Mini Course Generator | Embed mini-courses and interactive content plugin for WordPress versions up to, and including, 1.0.5 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and outpu...

6.4CVSS8AI score0.00271EPSS

Exploits0References9

Patchstack•added 2025/02/20 5:4 p.m.•3 views

WordPress Mini Course Generator plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Mini Course Generator versions = 1.0.5...

6.4CVSS5.7AI score0.00271EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by