CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

RedhatCVE•added 2026/01/13 10:53 p.m.•10 views

CVE-2025-13853

The Nearby Now Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'datatech' parameter of the nn-tech shortcode in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.1AI score0.00052EPSS

Exploits0References1

NVD•added 2026/01/09 10:15 a.m.•2 views

CVE-2025-13853

6.4CVSS0.00052EPSS

Exploits0References3

CVE•added 2026/01/09 9:19 a.m.•14 views

CVE-2025-13853

CVE-2025-13853 affects Nearby Now Reviews (WordPress plugin) and is an authenticated Stored XSS in the nn-tech shortcode via the data_tech parameter, impacting all versions up to 5.2. The flaw arises from insufficient input sanitization and output escaping, enabling an attacker with Contributor+ ...

6.4CVSS4.8AI score0.00052EPSS

Exploits0References3

Vulnrichment•added 2026/01/09 9:19 a.m.•2 views

CVE-2025-13853 Nearby Now Reviews <= 5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS4.8AI score0.00052EPSS

Exploits0References3

Cvelist•added 2026/01/09 9:19 a.m.•24 views

CVE-2025-13853 Nearby Now Reviews <= 5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS0.00052EPSS

Exploits0References3

Positive Technologies•added 2026/01/09 12:0 a.m.•4 views

PT-2026-1717

Name of the Vulnerable Software and Affected Versions Nearby Now Reviews plugin for WordPress versions up to and including 5.2 Description The Nearby Now Reviews plugin for WordPress is susceptible to Stored Cross-Site Scripting through the data tech parameter of the nn-tech shortcode. Insufficie...

6.4CVSS5.1AI score0.00052EPSS

Exploits0References7

CNNVD•added 2026/01/09 12:0 a.m.•2 views

WordPress plugin Nearby Now Reviews 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00052EPSS

Exploits0References3

EUVD•added 2025/11/12 8:46 p.m.•2 views

EUVD-2025-134772

Malicious code in anabuyil-nn-nii npm...

6.6AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-1767

Malware in sbrugna...

7.5CVSS6.4AI score0.01015EPSS

Exploits0References5

OSV•added 2025/10/04 1:46 a.m.•1 views

MAL-2025-48353 Malicious code in @pwnedshell/nn (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-29959

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00052EPSS

Exploits0References2

OSV•added 2025/09/25 3:16 p.m.•1 views

CVE-2025-46149

In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error...

5.3CVSS7AI score

Exploits0References3

NVD•added 2025/09/25 3:16 p.m.•2 views

CVE-2025-46149

In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error...

5.3CVSS0.00025EPSS

Exploits0References3

CVE•added 2025/09/25 12:0 a.m.•13 views

CVE-2025-46149

CVE-2025-46149 is linked to PyTorch, affecting versions before 2.7.0. When using inductor, nn.Fold triggers an assertion error, per the IBM security bulletin listing this CVE among multiple PyTorch-related issues. The IBM entry provides the concrete detail that the vulnerability manifests as an a...

5.3CVSS6.6AI score0.00025EPSS

Exploits0References3Affected Software1

OSV•added 2025/09/05 5:10 p.m.•1 views

MAL-2025-45373 Malicious code in nudt-nn-daikui (npm)

The package nudt-nn-daikui was found to contain malicious code...

7AI score

Exploits0

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in nudt-nn-daikui (npm)

The package nudt-nn-daikui was found to contain malicious code...

7AI score

Exploits0

OSV•added 2024/06/25 12:54 p.m.•4 views

MAL-2024-2825 Malicious code in package-egsdg-gdsfg-nn (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0

OSSF Malicious Packages•added 2024/06/25 12:54 p.m.•2 views

Malicious code in package-egsdg-gdsfg-nn (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

CNNVD•added 2024/04/15 12:0 a.m.•1 views

iTop 安全漏洞

iTop is a platform that provides all the resources needed to optimize iTop. A security vulnerability exists in iTop versions 3.1.1 and 3.2.0, which stems from a cross-site scripting attack that can be executed by populating an object's friendly name/supplemental name with malicious code when the...

8.7CVSS6AI score0.00723EPSS

Exploits0References3