CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

247 matches found

RedhatCVE•added 2025/02/04 10:46 p.m.•5 views

CVE-2024-44002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Team Showcase team allows Reflected XSS.This issue affects Team Showcase: from n/a through = 1.22.25...

7.1CVSS5.9AI score0.00682EPSS

Exploits0References1

Vulnrichment•added 2025/02/03 2:23 p.m.•11 views

CVE-2025-22679 WordPress Job Board Manager Plugin <= 2.1.60 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Job Board Manager allows Reflected XSS. This issue affects Job Board Manager: from n/a through 2.1.60...

7.1CVSS6.9AI score0.00048EPSS

Exploits0References1

NVD•added 2025/01/24 6:15 p.m.•2 views

CVE-2025-24622

Cross-Site Request Forgery CSRF vulnerability in PickPlugins Job Board Manager job-board-manager allows Cross Site Request Forgery.This issue affects Job Board Manager: from n/a through = 2.1.59...

5.4CVSS0.00145EPSS

Exploits0References1

Positive Technologies•added 2025/01/24 12:0 a.m.•2 views

PT-2025-5451 · Pickplugins · Pickplugins Job Board Manager

Name of the Vulnerable Software and Affected Versions: PickPlugins Job Board Manager versions 2.1.59 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the PickPlugins Job Board Manager, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For...

5.4CVSS7.3AI score0.00145EPSS

Exploits0References5

Cvelist•added 2024/12/05 8:23 a.m.•18 views

CVE-2024-10937 Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.58 - Sensitive Information Exposure

The Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.58 via the wpajaxnoprivrelatedpostajaxgetpostids AJAX action. This makes it possible for...

5.3CVSS0.00405EPSS

Exploits0References2

Vulnrichment•added 2024/12/05 8:23 a.m.•11 views

CVE-2024-10937 Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.58 - Sensitive Information Exposure

5.3CVSS7AI score0.00405EPSS

Exploits0References2

NVD•added 2024/11/30 10:15 p.m.•10 views

CVE-2024-53772

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Mail Picker mail-picker allows DOM-Based XSS.This issue affects Mail Picker: from n/a through = 1.0.15...

6.5CVSS0.00062EPSS

Exploits0References1

CVE•added 2024/11/30 9:24 p.m.•41 views

CVE-2024-53772

CVE-2024-53772 refers to a DOM-based XSS in the Mail Picker plugin for WordPress. Affected software: PickPlugins Mail Picker, versions up to and including 1.0.14 (WordPress Mail Picker). The vulnerability arises from Improper Neutralization of Input During Web Page Generation, enabling cross-site...

6.5CVSS7.2AI score0.00062EPSS

Exploits0References1

Positive Technologies•added 2024/11/30 12:0 a.m.•2 views

PT-2024-35884 · Pickplugins · Pickplugins Mail Picker

Name of the Vulnerable Software and Affected Versions: PickPlugins Mail Picker versions 1.0.14 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. This means that an attacker...

6.5CVSS9AI score0.00062EPSS

Exploits0References5

NVD•added 2024/11/01 3:15 p.m.•8 views

CVE-2024-38726

Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33...

7.5CVSS0.0015EPSS

Exploits0References1

CVE•added 2024/11/01 2:18 p.m.•41 views

CVE-2024-38726

The CVE-2024-38726 entry concerns WordPress Product Designer plugin versions prior to or equal to 1.0.33, with a Missing Authorization vulnerability that allows Access to functionality not properly constrained by ACLs. The issue affects PickPlugins Product Designer and is documented as an Arbitra...

7.5CVSS7.5AI score0.0015EPSS

Exploits0References1

NVD•added 2024/10/28 7:15 p.m.•10 views

CVE-2024-50432

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Cross-Site Scripting XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.2.93...

6.5CVSS0.00193EPSS

Exploits0References1

NVD•added 2024/10/06 11:15 a.m.•9 views

CVE-2024-47342

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Accordion accordions allows Stored XSS.This issue affects Accordion: from n/a through = 2.2.99...

6.5CVSS0.00156EPSS

Exploits0References1

NVD•added 2024/10/06 11:15 a.m.•7 views

CVE-2024-47340

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.2.89...

6.5CVSS0.00156EPSS

Exploits0References1

CVE•added 2024/10/06 10:51 a.m.•34 views

CVE-2024-47340

CVE-2024-47340 applies to WordPress plugins Post Grid and Gutenberg Blocks (ComboBlocks), with vulnerable versions up to 2.2.89. Description: Improper Input Neutralization during web page generation leading to Stored XSS. Root cause: improper handling of input in the Post Grid/Gutenberg Blocks re...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

Vulnrichment•added 2024/10/06 10:51 a.m.•6 views

CVE-2024-47340 WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.2AI score0.00156EPSS

Exploits0References1

Cvelist•added 2024/10/06 10:51 a.m.•16 views

CVE-2024-47340 WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00156EPSS

Exploits0References1

Cvelist•added 2024/10/06 10:48 a.m.•21 views

CVE-2024-47342 WordPress Accordion plugin <= 2.2.99 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00156EPSS

Exploits0References1

Positive Technologies•added 2024/10/06 12:0 a.m.•2 views

PT-2024-32555 · Pickplugins · Pickplugins Post Grid

Name of the Vulnerable Software and Affected Versions: PickPlugins Post Grid and Gutenberg Blocks versions 2.2.89 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS,...

6.5CVSS6.6AI score0.00156EPSS

Exploits0References6

Positive Technologies•added 2024/10/06 12:0 a.m.•2 views

PT-2024-32557 · Pickplugins · Pickplugins Accordion

Name of the Vulnerable Software and Affected Versions: PickPlugins Accordion versions 2.2.99 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in PickPlugins Accordion...

6.5CVSS5.8AI score0.00156EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by