CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

5.5CVSS0.00197EPSS

Exploits0References2

NVD•added 2025/10/03 12:15 p.m.•3 views

CVE-2025-9372

The Ultimate Multi Design Video Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject...

5.5CVSS0.00197EPSS

Exploits0References2

NVD•added 2025/10/03 12:15 p.m.•5 views

CVE-2025-10053

The TableGen – Data Table Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.0022EPSS

Exploits0References2

CVE•added 2025/10/03 11:17 a.m.•17 views

CVE-2025-9372

CVE-2025-9372 documents a stored XSS vulnerability in WordPress plugin Ultimate Multi Design Video Carousel (versions ≤ 1.4) caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at editor level and affects multi-site installations or sites wher...

5.5CVSS4.7AI score0.00197EPSS

Exploits0References2

EUVD•added 2025/10/03 11:17 a.m.•2 views

EUVD-2025-32261

5.5CVSS4.6AI score0.00197EPSS

Exploits0References3

Cvelist•added 2025/10/03 11:17 a.m.•9 views

CVE-2025-9372 Ultimate Multi Design Video Carousel <= 1.4 - Authenticated (Editor+) Stored Cross-Site Scripting

5.5CVSS0.00197EPSS

Exploits0References2

Vulnrichment•added 2025/10/03 11:17 a.m.•4 views

CVE-2025-10053 TableGen – Data Table Generator <= 1.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS4.7AI score0.0022EPSS

Exploits0References2

EUVD•added 2025/10/03 11:17 a.m.•4 views

EUVD-2025-32266

4.4CVSS4.5AI score0.0022EPSS

Exploits0References3

Cvelist•added 2025/10/03 11:17 a.m.•10 views

CVE-2025-10053 TableGen – Data Table Generator <= 1.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS0.0022EPSS

Exploits0References2

CVE•added 2025/10/03 11:17 a.m.•15 views

CVE-2025-9332

CVE-2025-9332 involves the WordPress plugin Interactive Human Anatomy with Clickable Body Parts (vulnerable up to and including 2.6). The issue is a stored XSS triggered by insufficient input sanitization and output escaping in admin settings, exploitable by authenticated attackers with administr...

5.5CVSS4.7AI score0.00197EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by