CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The url parameter on the novelist.php endpoint does not properly neutralise user input, resulting in the vulnerability...

6.1CVSS6.7AI score0.00418EPSS

Exploits0References1

RedhatCVE•added 2025/03/29 12:17 p.m.•12 views

CVE-2025-30847

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashley Novelist novelist allows Stored XSS.This issue affects Novelist: from n/a through = 1.2.3...

5.9CVSS7.2AI score0.00296EPSS

Exploits0References1

NVD•added 2025/03/27 11:15 a.m.•4 views

CVE-2025-30847

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashley Novelist novelist allows Stored XSS.This issue affects Novelist: from n/a through = 1.2.3...

5.9CVSS0.00296EPSS

Exploits0References1

Patchstack•added 2025/03/27 11:5 a.m.•2 views

WordPress Novelist plugin <= 1.2.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by timomangcut in WordPress Plugin Novelist versions = 1.2.3...

5.9CVSS6.2AI score0.00296EPSS

Exploits0Affected Software1

CVE•added 2025/03/27 10:55 a.m.•45 views

CVE-2025-30847

CVE-2025-30847: Stored XSS in the Novelist WordPress plugin (Novelist) affecting versions up to 1.2.3. Exploitation requires authentication (Administrator+). Patch available to address the issue; affected range is from n/a through 1.2.3; CVSS v3.1 base score 5.9 (Medium).

5.9CVSS7.2AI score0.00296EPSS

Exploits0References1

Cvelist•added 2025/03/27 10:55 a.m.•11 views

CVE-2025-30847 WordPress Novelist plugin <= 1.2.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashley Novelist novelist allows Stored XSS.This issue affects Novelist: from n/a through = 1.2.3...

5.9CVSS0.00296EPSS

Exploits0References1

CNNVD•added 2025/03/27 12:0 a.m.•1 views

WordPress plugin Ashley Novelist 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS7.9AI score0.00296EPSS

Exploits0References2

WPVulnDB•added 2024/04/17 12:0 a.m.•17 views

Novelist < 1.2.3 - Cross-Site Request Forgery

Description The Novelist plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.2. This is due to missing or incorrect nonce validation on the novelistrestoredefaultsettings function. This makes it possible for unauthenticated attackers to restore t...

5.4CVSS6.6AI score0.00209EPSS

Exploits0References1Affected Software1

NVD•added 2024/04/15 9:15 a.m.•8 views

CVE-2024-32093

Cross-Site Request Forgery CSRF vulnerability in Nose Graze Novelist.This issue affects Novelist: from n/a through 1.2.2...

5.4CVSS5.5AI score0.00209EPSS

Exploits0References1

CVE•added 2024/04/15 8:59 a.m.•49 views

CVE-2024-32093

Technical details about CVE-2024-32093 (affected product, root cause, impact, patch) are not provided in the supplied documents; no concrete specifics are available here. Monitor for official advisories for updates.

5.4CVSS5.1AI score0.00209EPSS

Exploits0References1

Vulnrichment•added 2024/04/15 8:59 a.m.•9 views

CVE-2024-32093 WordPress Novelist plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Nose Graze Novelist.This issue affects Novelist: from n/a through 1.2.2...

5.4CVSS5.1AI score0.00209EPSS

Exploits0References1

Cvelist•added 2024/04/15 8:59 a.m.•17 views

CVE-2024-32093 WordPress Novelist plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Nose Graze Novelist.This issue affects Novelist: from n/a through 1.2.2...

5.4CVSS5.7AI score0.00209EPSS

Exploits0References1

CNNVD•added 2024/04/15 12:0 a.m.•2 views

WordPress Plugin Novelist 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

5.4CVSS6.4AI score0.00209EPSS

Exploits0References2

Positive Technologies•added 2024/04/15 12:0 a.m.•4 views

PT-2024-24398 · Unknown · Nose Graze Novelist

Name of the Vulnerable Software and Affected Versions: Nose Graze Novelist versions through 1.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that t...

5.4CVSS6.6AI score0.00209EPSS

Exploits0References4

Patchstack•added 2024/04/11 10:6 a.m.•5 views

WordPress Novelist plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Novelist versions = 1.2.2...

5.4CVSS7AI score0.00209EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by