CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1698 matches found

CVE•added 2025/10/22 2:32 p.m.•4 views

CVE-2025-49953

Summary: CVE-2025-49953 affects the WordPress plugins ShareBang and Ultimate Social Share Buttons for WordPress (versions through 1.4). Vulnerability: Improper input neutralization during web page generation enables Reflected Cross-Site Scripting (XSS). Root cause: Inadequate handling of user-sup...

7.1CVSS6AI score0.0003EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•6 views

CVE-2025-49373 WordPress Evergreen Content Poster plugin <= 1.4.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Cross Site Request Forgery.This issue affects Evergreen Content Poster: from n/a through = 1.4.5...

4.3CVSS0.00015EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•5 views

CVE-2025-48098

CVE-2025-48098 is a Stored XSS in the WordPress Survey Maker plugin (survey-maker) caused by improper input neutralization during web page generation. Affected: Survey Maker versions up to and including 5.1.8.8. The issue is confirmed by multiple sources (NVD, Red Hat, ENISA, CVE List, PatchStack...

7.1CVSS5.6AI score0.0003EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•7 views

CVE-2025-48082

CVE-2025-48082 describes an incorrect privilege assignment in the WordPress plugin Progress Planner (Progress Planner,

8.8CVSS6.6AI score0.0006EPSS

Exploits0References1

CNNVD•added 2025/10/22 12:0 a.m.•2 views

WordPress plugin MasterStudy LMS 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin MasterStudy LMS, which...

5CVSS5.7AI score0.00039EPSS

Exploits0References1

CNNVD•added 2025/10/22 12:0 a.m.•1 views

WordPress plugin WP Responsive Meet The Team 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.4CVSS5.9AI score0.00032EPSS

Exploits0References4

CNNVD•added 2025/10/22 12:0 a.m.•1 views

WordPress Plugin Pets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

7.1CVSS6AI score0.00075EPSS

Exploits0References1

Patchstack•added 2025/10/15 3:43 p.m.•4 views

WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by ? in WordPress Plugin Cost Calculator Builder versions = 3.5.32...

6.5CVSS7AI score0.00058EPSS

Exploits0Affected Software1

Positive Technologies•added 2025/10/09 12:0 a.m.•2 views

PT-2025-41358

Name of the Vulnerable Software and Affected Versions WP Travel Engine – Tour Booking Plugin – Tour Operator Software versions prior to 6.6.8 Description The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is susceptible to a Local File Inclusion issue in...

9.8CVSS6.9AI score0.00635EPSS

Exploits0References9