CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-4834

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.0005EPSS

Exploits0References4

RedhatCVE•added 2025/02/20 4:29 a.m.•6 views

CVE-2024-13852

The Option Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing nonce validation on the pluginpage function. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site via a forged request, grant...

8.8CVSS6.9AI score0.0005EPSS

Exploits0References1

OSV•added 2025/02/18 5:15 a.m.•0 views

CVE-2024-13852

8.8CVSS7.2AI score

Exploits0References3

CVE•added 2025/02/18 4:21 a.m.•57 views

CVE-2024-13852

CVE-2024-13852 affects the WordPress plugin Option Editor (version 1.0). The root cause is missing nonce validation in the plugin_page() function, enabling CSRF. This allows unauthenticated attackers to forge requests to update arbitrary site options, potentially setting the default registration ...

8.8CVSS7AI score0.0005EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/02/18 4:21 a.m.•7 views

CVE-2024-13852 Option Editor <= 1.0 - Cross-Site Request Forgery to Arbitrary Options Update

8.8CVSS6.9AI score0.0005EPSS

Exploits0References3

Cvelist•added 2025/02/18 4:21 a.m.•9 views

CVE-2024-13852 Option Editor <= 1.0 - Cross-Site Request Forgery to Arbitrary Options Update

8.8CVSS0.0005EPSS

Exploits0References3

CNNVD•added 2025/02/18 12:0 a.m.•1 views

WordPress plugin Option Editor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS8.7AI score0.0005EPSS

Exploits0References3