CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1726 matches found

Cvelist•added 2025/09/22 6:24 p.m.•8 views

CVE-2025-57963 WordPress Zoho Billing Plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing zoho-subscriptions allows DOM-Based XSS.This issue affects Zoho Billing: from n/a through = 4.1...

6.5CVSS0.00285EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:24 p.m.•10 views

CVE-2025-57980 WordPress Safety Exit Plugin <= 1.8.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tomas Cordero Safety Exit safety-exit allows Stored XSS.This issue affects Safety Exit: from n/a through = 1.8.0...

5.9CVSS0.0021EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:24 p.m.•1 views

CVE-2025-57980 WordPress Safety Exit Plugin <= 1.8.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tomas Cordero Safety Exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.8.0...

5.9CVSS5.6AI score0.0021EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:24 p.m.•2 views

CVE-2025-57992 WordPress Mail Baby SMTP Plugin <= 2.8 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in InterServer Mail Baby SMTP allows Cross Site Request Forgery. This issue affects Mail Baby SMTP: from n/a through 2.8...

4.3CVSS6.5AI score0.00131EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:24 p.m.•9 views

CVE-2025-57994 WordPress Upcoming Events Lists Plugin <= 1.4.0 - Insecure Direct Object References (IDOR) Vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Upcoming Events Lists: from n/a through = 1.4.0...

5.4CVSS0.00284EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:24 p.m.•1 views

CVE-2025-57997 WordPress Trustpilot Reviews Plugin <= 2.5.925 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Trustpilot Trustpilot Reviews trustpilot-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trustpilot Reviews: from n/a through = 2.5.925...

4.3CVSS5.9AI score0.00244EPSS

Exploits0References1

CVE•added 2025/09/22 6:24 p.m.•8 views

CVE-2025-58020

CVE-2025-58020 – The Theater for WordPress plugin is affected by a Stored XSS vulnerability due to improper input neutralization during web page generation. Affected range is Theater for WordPress from n/a through 0.18.8. The available connected documents confirm the issue and indicate it remains...

6.5CVSS5.9AI score0.00285EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58199 WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

4.3CVSS5.9AI score0.00131EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•12 views

CVE-2025-58220 WordPress Card Elements for WPBakery Plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Techeshta Card Elements for WPBakery card-elements-for-wpbakery allows DOM-Based XSS.This issue affects Card Elements for WPBakery: from n/a through = 1.0.8...

6.5CVSS0.0019EPSS

Exploits0References1

CVE•added 2025/09/22 6:23 p.m.•7 views

CVE-2025-58219

CVE-2025-58219: CSRF in WordPress plugin Show Pages List (LIJE Show Pages List) affecting

4.3CVSS5.9AI score0.00131EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58229 WordPress Sitekit Plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Sitekit sitekit allows Stored XSS.This issue affects Sitekit: from n/a through = 2.0...

6.5CVSS5.9AI score0.00196EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58232 WordPress Image Editor by Pixo Plugin <= 2.3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ickata Image Editor by Pixo image-editor-by-pixo allows DOM-Based XSS.This issue affects Image Editor by Pixo: from n/a through = 2.3.8...

6.5CVSS5.9AI score0.0019EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•9 views

CVE-2025-58240 WordPress xili-tidy-tags Plugin <= 1.12.06 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michel - xiligroup dev xili-tidy-tags xili-tidy-tags allows Stored XSS.This issue affects xili-tidy-tags: from n/a through = 1.12.06...

6.5CVSS0.00258EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•8 views

CVE-2025-58242 WordPress Bg Church Memos Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vadim Bogaiskov Bg Church Memos bg-church-memos allows DOM-Based XSS.This issue affects Bg Church Memos: from n/a through = 1.1...

6.5CVSS0.0019EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58655 WordPress Category Featured Images Plugin <= 1.1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mat Category Featured Images category-featured-images allows Stored XSS.This issue affects Category Featured Images: from n/a through = 1.1.8...

5.9CVSS5.9AI score0.00204EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:22 p.m.•2 views

CVE-2025-58669 WordPress Magento 2 WordPress Integration plugin <= 1.4.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modern Minds Magento 2 WordPress Integration m2wp allows Stored XSS.This issue affects Magento 2 WordPress Integration: from n/a through = 1.4.2.1...

5.9CVSS5.9AI score0.00212EPSS

Exploits0References1

CNNVD•added 2025/09/22 12:0 a.m.•2 views

WordPress plugin SALESmanago 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

4.3CVSS6.5AI score0.00131EPSS

Exploits0References1

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin Theater for WordPress 跨站脚本漏洞

6.5CVSS5.8AI score0.00285EPSS

Exploits0References1

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin Buckets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.6AI score0.0019EPSS

Exploits0References1

CNNVD•added 2025/09/22 12:0 a.m.•2 views

WordPress plugin Oshine Core 安全漏洞

5.4CVSS6.5AI score0.00248EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by