CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Cvelist•added 2026/01/23 2:29 p.m.•28 views

CVE-2026-24622 WordPress Suggestion Toolkit plugin <= 5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through = 5.0...

5.4CVSS0.00069EPSS

Exploits0References1

Cvelist•added 2025/12/10 9:23 a.m.•28 views

CVE-2025-14390 Video Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload

The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...

8.8CVSS0.00119EPSS

Exploits0References2

CNNVD•added 2022/10/25 12:0 a.m.•3 views

WordPress plugin Spam protection SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blogs on PHP and MySQL servers. ghost is a plugin for importing/exporting WordPress data, and WordPress plugin is an...

7.2CVSS7.2AI score0.00618EPSS

Exploits2References2

CNVD•added 2017/11/09 12:0 a.m.•2 views

HashiCorp Vagrant VMware Fusion Plugin Elevation of Privilege Vulnerability (CNVD-2017-33966)

The HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion is a tool developed by HashiCorp in the United States for building and managing virtual machine environments on VMware virtual machines. A security vulnerability exists in the HashiCorp Vagrant VMware Fusion plugin version 5.0.0...

7CVSS6.7AI score0.00077EPSS

Exploits3References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by