CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Patchstack•added 2026/05/15 9:58 a.m.•7 views

WordPress Receive Notifications After Form Submitting – Form Notify for Any Forms plugin <= 1.1.10 - Unauthenticated Authentication Bypass vulnerability

Unauthenticated Authentication Bypass vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Receive Notifications After Form Submitting – Form Notify for Any Forms versions = 1.1.10...

9.8CVSS5.8AI score0.0014EPSS

Exploits1References1Affected Software1

NVD•added 2026/05/15 9:16 a.m.•8 views

CVE-2026-5229

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email...

9.8CVSS0.0014EPSS

Exploits1References10

Cvelist•added 2026/05/15 7:46 a.m.•35 views

CVE-2026-5229 Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback

9.8CVSS0.0014EPSS

Exploits1References10

CNNVD•added 2025/12/24 12:0 a.m.•2 views

WordPress plugin Draft Notify 安全漏洞

WordPress Draft Notify plugin is a WordPress plugin for managing draft notifications on your WordPress site. The WordPress Draft Notify plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

5.9CVSS5.9AI score0.00027EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•4 views

CVE-2025-49962

The CVE-2025-49962 entry concerns the WordPress bbPress Notify plugin (bbpress-notify-nospam) with a Reflected XSS vulnerability due to improper handling/escaping of user-supplied data when generating web pages. Affected versions include bbPress Notify up to 2.19.4 (and related references indicat...

7.1CVSS5.9AI score0.0003EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-47561

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00207EPSS

Exploits0References1

Vulnrichment•added 2025/06/27 11:52 a.m.•2 views

CVE-2025-30972 WordPress Woocommerce Line Notify plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through = 1.1.7...

7.1CVSS5.8AI score0.00185EPSS

Exploits0References1

Cvelist•added 2025/06/27 11:52 a.m.•9 views

CVE-2025-30972 WordPress Woocommerce Line Notify plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

7.1CVSS0.00185EPSS

Exploits0References1

CNNVD•added 2025/06/27 12:0 a.m.•2 views

WordPress plugin Woocommerce Line Notify 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS5.8AI score0.00185EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:18 a.m.•1 views

CVE-2023-30497

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Simon Chuang WP LINE Notify plugin = 1.4.4 versions...

7.1CVSS5.8AI score0.00208EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:47 a.m.•3 views

CVE-2022-44625

Auth. admin+ Stored Cross-Site Scripting' vulnerability in Zephilou Cyklodev WP Notify plugin = 1.2.1 versions...

4.8CVSS6.6AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/17 9:5 p.m.•7 views

CVE-2023-7195

The WP-Reply Notify WordPress plugin through 1.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

4.3CVSS6.7AI score0.00252EPSS

Exploits2References3

CNNVD•added 2025/05/15 12:0 a.m.•2 views

WordPress plugin WP-Reply Notify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.6AI score0.00252EPSS

Exploits2References1

Patchstack•added 2024/01/31 12:0 a.m.•5 views

WordPress Fatal Error Notify Plugin < 1.5.3 is vulnerable to Broken Access Control

Software Fatal Error Notify Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-7202 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 55ba4f7fb253 Credits Dmitrii Ignatyev Required...

6.1CVSS6.5AI score0.00117EPSS

Exploits3References4Affected Software1

NVD•added 2023/09/06 9:15 a.m.•11 views

CVE-2023-30497

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Simon Chuang WP LINE Notify plugin = 1.4.4 versions...

7.1CVSS6.2AI score0.00208EPSS

Exploits0References1