CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

CVE-2019-25744

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

6.4CVSS

Exploits0References4

Positive Technologies•added 22 hours ago•6 views

PT-2026-46213

WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the pos...

6.4CVSS5.6AI score

Exploits0References5

Vulnrichment•added 2026/05/13 2:22 p.m.•3 views

CVE-2020-37174 WOOF / Products Filter Professional for WooCommerce 1.2.3 Persistent XSS

WOOF Products Filter for WooCommerce 1.2.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering XSS payloads in design tab textfields. Attackers can inject JavaScript code through fields like 'Text for block toggle' a...

5.5CVSS5.7AI score0.00037EPSS

Exploits0References4

ATTACKERKB•added 2026/01/16 7:9 p.m.•2 views

CVE-2021-47839

Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code executio...

7.2CVSS5.6AI score0.00042EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by