CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Vulnrichment•added 2026/06/08 4:50 p.m.•9 views

CVE-2026-25856 OpenBullet2 0.3.2 Authenticated RCE via Job Configuration Interface

OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C code on the server host by creating or modifying job configurations. Attackers can leverage the plain C execution mode, which lacks reference...

8.8CVSS6.6AI score0.00473EPSS

Exploits0References2

Github Security Blog•added 2026/05/12 3:7 p.m.•12 views

Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`

GHSA: Unauthenticated Remote Code Execution via found-action in Dalfox Server Mode Summary When dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options —...

10CVSS6.4AI score0.01147EPSS

Exploits2References4Affected Software1

Packet Storm News•added 2026/04/06 12:0 a.m.•3 views

METATRON AI Penetration Testing

Metatron is a CLI-based AI penetration testing assistant that runs entirely on your local machine - no cloud, no API keys, no subscriptions. You give it a target IP or domain. It runs real recon tools nmap, whois, whatweb, curl, dig, nikto, feeds all results to a locally running AI model, and the...

5.9AI score

Exploits0

RedhatCVE•added 2025/05/23 4:45 a.m.•6 views

CVE-2023-22680

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Altanic No API Amazon Affiliate plugin = 4.2.2 versions...

5.9CVSS5.6AI score0.00392EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 4:14 p.m.•15 views

CVE-2025-31890

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mashi Simple Map No Api simple-map-no-api allows Stored XSS.This issue affects Simple Map No Api: from n/a through = 1.9...

6.5CVSS7.2AI score0.0019EPSS

Exploits0References1

CVE•added 2025/04/01 2:52 p.m.•65 views

CVE-2025-31890

CVE-2025-31890 affects the WordPress plugin Simple Map No Api. The connected Wordfence vulnerability listing indicates an Authenticated (Contributor+) Stored Cross-Site Scripting issue in Simple Map No Api, with the affected range up to version 1.9. The root cause is improper neutralization of in...

6.5CVSS7.2AI score0.0019EPSS

Exploits0References1

Cvelist•added 2025/04/01 2:52 p.m.•22 views

CVE-2025-31890 WordPress Simple Map No Api plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.0019EPSS

Exploits0References1

OSV•added 2025/02/18 5:15 a.m.•4 views

CVE-2024-13565

The Simple Map No Api plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

5.4CVSS7.4AI score0.00278EPSS

Exploits0References3

NVD•added 2025/02/18 5:15 a.m.•21 views

CVE-2024-13565

6.4CVSS0.00278EPSS

Exploits0References3

OSV•added 2023/03/20 12:15 p.m.•3 views

CVE-2023-22680

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Altanic No API Amazon Affiliate plugin = 4.2.2 versions...

4.8CVSS5.8AI score0.00392EPSS

Exploits0References1

NVD•added 2023/03/20 12:15 p.m.•9 views

CVE-2023-22680

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Altanic No API Amazon Affiliate plugin = 4.2.2 versions...

5.9CVSS5.4AI score0.00392EPSS

Exploits0References1

Prion•added 2023/03/20 12:15 p.m.•11 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Altanic No API Amazon Affiliate plugin = 4.2.2 versions...

4.3CVSS4.9AI score0.00392EPSS

Exploits0References1Affected Software1

CVE•added 2023/03/20 11:36 a.m.•39 views

CVE-2023-22680

CVE-2023-22680 affects the WordPress plugin No API Amazon Affiliate (Altanic No API Amazon Affiliate) 4.2.2 (4.4.0) with low severity. No public exploit details are provided in the connected documents. Remediation: upgrade to a version greater than 4.2.2 (e.g., 4.4.0+). If upgrading is not feasib...

5.9CVSS4.9AI score0.00392EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by