CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1726 matches found

CNNVD•added 2024/01/08 12:0 a.m.•2 views

WordPress Plugin WP Blogs Planetarium Security Breach

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS6.7AI score0.00348EPSS

Exploits2References3

OSV•added 2023/12/15 4:15 p.m.•2 views

CVE-2023-49749

Cross-Site Request Forgery CSRF vulnerability in SureTriggers SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything!.This issue affects SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything!: from n/a through 1.0.23...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2023/12/13 6:15 p.m.•3 views

CVE-2023-50778

A cross-site request forgery CSRF vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token...

8.8CVSS5.7AI score0.00414EPSS

Exploits0References2

CNNVD•added 2023/12/04 12:0 a.m.•4 views

WordPress plugin Popup box security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

4.8CVSS5.8AI score0.0045EPSS

Exploits2References1

OSV•added 2023/11/22 10:15 p.m.•1 views

CVE-2023-47808

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christina Uechi Add Widgets to Page plugin = 1.3.2 versions...

5.4CVSS7.3AI score0.00416EPSS

Exploits1References1

OSV•added 2023/11/22 2:15 p.m.•1 views

CVE-2023-26532

Cross-Site Request Forgery CSRF vulnerability in AccessPress Themes Social Auto Poster plugin = 2.1.4 versions...

8.8CVSS5.8AI score0.00269EPSS

Exploits0References1

Positive Technologies•added 2023/11/22 12:0 a.m.•3 views

PT-2023-30621 · Unknown · Anywhere Flash Embed

Name of the Vulnerable Software and Affected Versions: Anywhere Flash Embed plugin versions 1.0.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For Anywhere Flash Embed plugin...

6.5CVSS6.2AI score0.00416EPSS

Exploits1References3

CNNVD•added 2023/11/20 12:0 a.m.•1 views

WordPress Plugin Seraphinite Accelerator Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.1CVSS8.6AI score0.00444EPSS

Exploits2References2

OSV•added 2023/11/16 8:15 p.m.•2 views

CVE-2023-32957

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dazzlersoft Team Members Showcase plugin = 1.3.4 versions...

4.8CVSS7.3AI score

Exploits0References1

CVE•added 2023/11/16 6:20 p.m.•42 views

CVE-2023-47509

CVE-2023-47509: Unauthenticated Reflected XSS in ioannup Edit WooCommerce Templates plugin (

7.1CVSS6.1AI score0.00412EPSS

Exploits0References1Affected Software1

VulnCheck KEV•added 2023/11/15 12:0 a.m.•2 views

VulnCheck KEV: CVE-2019-5128

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

10CVSS7.2AI score0.25692EPSS

Exploits1References1

Vulnrichment•added 2023/11/14 6:53 p.m.•7 views

CVE-2023-47653 WordPress TWB Woocommerce Reviews Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abu Bakar TWB Woocommerce Reviews plugin = 1.7.5 versions...

5.9CVSS5.5AI score0.00418EPSS

Exploits0References1

OSV•added 2023/11/14 12:15 a.m.•1 views

CVE-2023-47673

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Stefano Ottolenghi Post Pay Counter plugin = 2.784 versions...

6.1CVSS7.3AI score0.00412EPSS

Exploits0References1

Positive Technologies•added 2023/11/12 12:0 a.m.•2 views

PT-2023-21129 · Unknown · Gl Spice New Adman Plugin

Name of the Vulnerable Software and Affected Versions: gl SPICE New Adman plugin versions = 1.6.8 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.5AI score0.00294EPSS

Exploits0References3

OSV•added 2023/11/09 11:15 p.m.•1 views

CVE-2023-32093

Cross-Site Request Forgery CSRF vulnerability in Criss Swaim TPG Redirect plugin = 1.0.7 versions...

8.8CVSS7.3AI score0.0027EPSS

Exploits0References1

OSV•added 2023/11/09 11:15 p.m.•1 views

CVE-2023-31088

Cross-Site Request Forgery CSRF vulnerability in Faraz Quazi Floating Action Button plugin = 1.2.1 versions...

8.8CVSS7.3AI score0.00301EPSS

Exploits0References1