CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Stored XSS.This issue affects Verowa Connect: from n/a through = 3.2.3...

6.5CVSS5.9AI score0.00042EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 5:54 p.m.•4 views

CVE-2025-32609

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Reflected XSS.This issue affects Verowa Connect: from n/a through = 3.0.4...

7.1CVSS7.2AI score0.00219EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•2 views

CVE-2025-32609

7.1CVSS0.00219EPSS

Exploits0References1

CVE•added 2025/04/17 3:47 p.m.•40 views

CVE-2025-32609

CVE-2025-32609 (Verowa Connect) is a reflected XSS in the WordPress plugin Verowa Connect (Picture-Planet GmbH) affecting versions up to 3.0.4. Root cause: improper neutralization of input during web page generation. Public sources (Red Hat, CVE lists, CVE databases) confirm the vulnerability and...

7.1CVSS7.2AI score0.00219EPSS

Exploits0References1

RedhatCVE•added 2025/04/11 5:35 p.m.•4 views

CVE-2025-32676

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Blind SQL Injection.This issue affects Verowa Connect: from n/a through = 3.0.5...

7.6CVSS7.3AI score0.00408EPSS

Exploits0References1

NVD•added 2025/04/09 5:15 p.m.•11 views

CVE-2025-32676

7.6CVSS0.00408EPSS

Exploits0References1

CVE•added 2025/04/09 4:9 p.m.•46 views

CVE-2025-32676

CVE-2025-32676 corresponds to an authenticated (Administrator+) SQL Injection in Verowa Connect (WordPress plugin). Affected software: Verowa Connect

7.6CVSS7.3AI score0.00408EPSS

Exploits0References1