CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-3369

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00205EPSS

Exploits0References1

RedhatCVE•added 2025/02/06 2:53 a.m.•10 views

CVE-2025-23720

Cross-Site Request Forgery CSRF vulnerability in Marco Castelluccio Web Push web-push allows Stored XSS.This issue affects Web Push: from n/a through = 1.4.0...

7.1CVSS7.2AI score0.00205EPSS

Exploits0References1

NVD•added 2025/01/16 8:15 p.m.•6 views

CVE-2025-23720

Cross-Site Request Forgery CSRF vulnerability in Marco Castelluccio Web Push web-push allows Stored XSS.This issue affects Web Push: from n/a through = 1.4.0...

7.1CVSS0.00205EPSS

Exploits0References1

CVE•added 2025/01/16 8:6 p.m.•47 views

CVE-2025-23720

CVE-2025-23720 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Web Push (web-push) plugin by Marco Castelluccio that can lead to stored XSS. The provided sources confirm the issue arises in Web Push and can result in stored XSS, affecting versions up to and including ...

7.1CVSS7.2AI score0.00205EPSS

Exploits0References1

Positive Technologies•added 2025/01/16 12:0 a.m.•3 views

PT-2025-5048 · Mozilla · Web-Push

Name of the Vulnerable Software and Affected Versions: Mozilla Web Push versions n/a through 1.4.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability in Mozilla Web Push, which allows Stored XSS. Recommendations: For Mozilla Web Push versions n/a through 1.4.0,...

7.1CVSS9.3AI score0.00205EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by