CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-52332

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00175EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 4:0 a.m.•5 views

CVE-2024-54205

Cross-Site Request Forgery CSRF vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through = 1.14...

7.1CVSS7.2AI score0.00175EPSS

Exploits0References1

NVD•added 2024/12/06 2:15 p.m.•21 views

CVE-2024-54205

Cross-Site Request Forgery CSRF vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through = 1.14...

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 2024/12/06 1:7 p.m.•11 views

CVE-2024-54205 WordPress Paloma Widget plugin <= 1.14 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through = 1.14...

7.1CVSS8.5AI score0.00175EPSS

Exploits0References1

CVE•added 2024/12/06 1:7 p.m.•49 views

CVE-2024-54205

CVE-2024-54205 describes a CSRF to Stored XSS vulnerability in the Paloma Widget (WordPress plugin) affecting Paloma Widget versions up to 1.14. The CVE entry, and multiple sources, confirm cross-site request forgery as the vector with a stored XSS outcome, impacting the Paloma Widget as identifi...

7.1CVSS7.2AI score0.00175EPSS

Exploits0References1

Cvelist•added 2024/12/06 1:7 p.m.•16 views

CVE-2024-54205 WordPress Paloma Widget plugin <= 1.14 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through = 1.14...

7.1CVSS0.00175EPSS

Exploits0References1

CNNVD•added 2024/12/06 12:0 a.m.•2 views

WordPress plugin Paloma Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS8.2AI score0.00175EPSS

Exploits0References1

Positive Technologies•added 2024/12/06 12:0 a.m.•2 views

PT-2024-36082 · Unknown · Paloma Widget

Name of the Vulnerable Software and Affected Versions: Paloma Widget versions 1.14 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the Paloma Widget, allowing unauthorized requests. This can lead to malicious actions being performed on behalf of the user. Recommendations:...

7.1CVSS6.9AI score0.00175EPSS

Exploits0References4