CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

70 matches found

RedhatCVE•added 2026/02/06 1:30 p.m.•5 views

CVE-2026-1654

The Peter's Date Countdown plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00067EPSS

Exploits0References1

NVD•added 2026/02/05 10:16 a.m.•3 views

CVE-2026-1654

6.1CVSS0.00067EPSS

Exploits0References3

Cvelist•added 2026/02/05 9:13 a.m.•30 views

CVE-2026-1654 Peter's Date Countdown <= 2.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

6.1CVSS0.00067EPSS

Exploits0References3

EUVD•added 2026/02/05 9:13 a.m.•3 views

EUVD-2026-5549

6.1CVSS5.6AI score0.00067EPSS

Exploits0References3

Patchstack•added 2026/02/05 7:19 a.m.•8 views

WordPress Peter's Date Countdown plugin <= 2.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Peter’s Date Countdown versions = 2.0.0...

6.1CVSS5.3AI score0.00067EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/09 11:11 a.m.•2 views

CVE-2016-10925

The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs...

6.1CVSS6.2AI score0.0019EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-40587

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00297EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-27955

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00236EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-26821

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00106EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:17 a.m.•7 views

CVE-2024-32126

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeroen Peters Navigation menu as Dropdown Widget navigation-menu-as-dropdown-widget.This issue affects Navigation menu as Dropdown Widget: from n/a through = 1.3.4...

5.9CVSS5.9AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:49 a.m.•2 views

CVE-2024-43938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeroen Peters Name Directory name-directory.This issue affects Name Directory: from n/a through = 1.29.0...

6.5CVSS5.9AI score0.00297EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:44 a.m.•8 views

CVE-2023-22692

Cross-Site Request Forgery CSRF vulnerability in Jeroen Peters Name Directory plugin = 1.27.1 versions...

8.8CVSS7.1AI score0.00106EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:2 a.m.•3 views

CVE-2019-15115

The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF...

8.8CVSS7.1AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 6:17 p.m.•6 views

CVE-2025-39454

Missing Authorization vulnerability in Jeroen Peters Name Directory name-directory.This issue affects Name Directory: from n/a through = 1.30.0...

4.3CVSS7.2AI score0.00236EPSS

Exploits0References1

NVD•added 2025/05/19 6:15 p.m.•6 views

CVE-2025-39454

Missing Authorization vulnerability in Jeroen Peters Name Directory name-directory.This issue affects Name Directory: from n/a through = 1.30.0...

4.3CVSS0.00236EPSS

Exploits0References1

Patchstack•added 2025/04/17 9:18 a.m.•6 views

WordPress Name Directory plugin <= 1.30.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Name Directory versions = 1.30.0...

4.3CVSS8.4AI score0.00236EPSS

Exploits0Affected Software1

CVE•added 2025/01/07 2:57 p.m.•53 views

CVE-2025-22559

CVE-2025-22559 : TubePress.NET suffers a Cross-Site Request Forgery (CSRF) issue up to version 4.0.1 that can lead to Stored Cross-Site Scripting (XSS). The linked Wordfence/mitigation data confirms the vulnerability class and affected scope but does not provide exploit steps, affected plugin dep...

7.1CVSS7.2AI score0.00213EPSS

Exploits0References1

CNNVD•added 2024/12/18 12:0 a.m.•2 views

WordPress plugin Peter’s Custom Anti-Spam 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

5.4CVSS8.2AI score0.00142EPSS

Exploits0References4

NVD•added 2024/09/17 11:15 p.m.•9 views

CVE-2024-43938

6.5CVSS0.00297EPSS

Exploits0References1

CVE•added 2024/09/17 10:43 p.m.•41 views

CVE-2024-43938

CVE-2024-43938 describes a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress Name Directory plugin, affecting versions up to 1.29.0. The issue arises from improper neutralization of user input during web page generation, enabling Attackers to inject scripts via crafted input tha...

6.5CVSS5.9AI score0.00297EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by