CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1698 matches found

OSV•added 2024/06/04 1:15 p.m.•3 views

CVE-2023-51667

Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2...

8.2CVSS5.8AI score

Exploits0References1

Patchstack•added 2024/06/03 1:55 a.m.•2 views

WordPress Shield Security plugin <= 19.1.10 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Christian Angel in WordPress Plugin Shield Security versions = 19.1.10...

4.3CVSS7AI score0.00167EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/05/29 8:10 a.m.•2 views

WordPress Gianism plugin < 5.2.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Felipe Restrepo Rodriguez, Mateo Gutierrez Gomez in WordPress Plugin Gianism versions 5.2.1...

4.8CVSS6.1AI score0.0017EPSS

Exploits2References1Affected Software1

OSV•added 2024/05/21 6:15 a.m.•2 views

CVE-2024-4289

The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS5.8AI score

Exploits0References1

Patchstack•added 2024/05/21 3:43 a.m.•3 views

WordPress WP Table Builder plugin <= 1.4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WP Table Builder versions = 1.4.14...

6.4CVSS5.7AI score0.0047EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/05/21 3:34 a.m.•3 views

WordPress Uber Menu plugin <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Shortcodes vulnerability discovered by stealthcopter in WordPress Plugin Uber Menu versions = 3.8.2...

6.4CVSS5.8AI score0.00201EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/05/21 3:33 a.m.•3 views

WordPress Master Slider plugin <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Master Slider versions = 3.9.9...

6.4CVSS5.7AI score0.00233EPSS

Exploits0References1Affected Software1

CNNVD•added 2024/05/17 12:0 a.m.•5 views

WordPress plugin Popup by Supsystic 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

8.8CVSS8.7AI score0.17328EPSS

Exploits1References2

CNNVD•added 2024/05/17 12:0 a.m.•1 views

WordPress plugin CP Polls 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS8.2AI score0.0021EPSS

Exploits0References2

CNNVD•added 2024/05/17 12:0 a.m.•4 views

WordPress plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

7.2CVSS8.6AI score0.0022EPSS

Exploits0References2

CNNVD•added 2024/05/17 12:0 a.m.•0 views

WordPress plugin Phlox Shop 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.6CVSS8.7AI score0.0063EPSS

Exploits0References2

Positive Technologies•added 2024/05/17 12:0 a.m.•4 views

PT-2024-14140 · Woocommerce · Powerfulwp Local Delivery Drivers

Name of the Vulnerable Software and Affected Versions: powerfulwp Local Delivery Drivers for WooCommerce versions 1.9.0 and earlier Description: The issue is related to improper privilege management, allowing privilege escalation. This could potentially lead to full site takeover. Recommendations...

9.8CVSS9.4AI score0.00478EPSS

Exploits0References6

Patchstack•added 2024/05/15 1:55 a.m.•4 views

WordPress All-in-One Video Gallery plugin <= 3.6.5 - Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode vulnerability

Authenticated Contributor+ Local File Inclusion via aiovgsearchform Shortcode vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin All-in-One Video Gallery versions = 3.6.5...

8.8CVSS7AI score0.01182EPSS

Exploits0References1Affected Software1

CNNVD•added 2024/05/14 12:0 a.m.•2 views

WordPress plugin Image Hover Effects 安全漏洞

6.4CVSS6.2AI score0.00082EPSS

Exploits0References3

CNNVD•added 2024/05/14 12:0 a.m.•4 views

WordPress plugin LearnPress 安全漏洞

9.8CVSS6.5AI score0.7709EPSS

Exploits2References6

CNNVD•added 2024/05/14 12:0 a.m.•1 views

WordPress plugin Soccer Engine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.5AI score0.00105EPSS

Exploits0References4

CNNVD•added 2024/05/14 12:0 a.m.•2 views

WordPress plugin Archives Calendar Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6AI score0.00187EPSS

Exploits0References2

Patchstack•added 2024/05/09 7:11 a.m.•2 views

WordPress Gallery Block (Meow Gallery) plugin <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Krzysztof Zając in WordPress Plugin Meow Gallery versions = 5.1.3...

6.4CVSS5.7AI score0.00215EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/05/08 11:40 a.m.•3 views

WordPress Themify Shortcodes plugin <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via themifybutton Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Themify Shortcodes versions = 2.0.9...

6.4CVSS5.8AI score0.00352EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/05/06 10:13 p.m.•2 views

WordPress QuickieBar plugin <=1.8.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin QuickieBar versions = 1.8.4...

5.9CVSS6.1AI score0.00277EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by