CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PluginOps Testimonial Slider testimonial-add allows PHP Local File Inclusion.This issue affects Testimonial Slider: from n/a through = 3.5.8.6...

8.8CVSS5.9AI score0.00171EPSS

Exploits0References1

NVD•added 2025/09/26 9:15 a.m.•3 views

CVE-2025-60126

8.8CVSS0.00171EPSS

Exploits0References1

CVE•added 2025/09/26 8:31 a.m.•5 views

CVE-2025-60126

CVE-2025-60126 is a PHP Local File Inclusion in the WordPress plugin Testimonial Slider (aka Testimonial Slider – Free Testimonials Slider Plugin). The issue is described as an Imporper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) affecting plugin versions from 0 ...

8.8CVSS5.9AI score0.00171EPSS

Exploits0References1

Positive Technologies•added 2025/09/26 12:0 a.m.•1 views

PT-2025-39573

Name of the Vulnerable Software and Affected Versions PluginOps Testimonial Slider versions through 3.5.8.6 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for unauthorized...

8.8CVSS6.3AI score0.00171EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 10:5 a.m.•10 views

CVE-2024-30452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps Landing Page Builder allows Stored XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.7...

5.9CVSS8.6AI score0.0015EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:39 a.m.•3 views

CVE-2024-31923

Cross-Site Request Forgery CSRF vulnerability in PluginOps Feather Login Page.This issue affects Feather Login Page: from n/a through 1.1.5...

4.3CVSS5.1AI score0.00226EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:47 a.m.•1 views

CVE-2023-48325

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages: from n/a through 1.5.1.5...

6.1CVSS7AI score0.00238EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:56 a.m.•4 views

CVE-2023-33328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...

5.9CVSS5.6AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:10 a.m.•5 views

CVE-2023-32517

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

6.1CVSS7AI score0.00213EPSS

Exploits0References1

RedhatCVE•added 2025/03/26 2:38 p.m.•5 views

CVE-2025-30581

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through = 3.3...

5.3CVSS7.2AI score0.00183EPSS

Exploits0References1

NVD•added 2025/03/24 2:15 p.m.•3 views

CVE-2025-30581

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through = 3.3...

5.3CVSS0.00183EPSS

Exploits0References1

CVE•added 2025/03/24 1:47 p.m.•48 views

CVE-2025-30581

CVE-2025-30581 describes a Missing Authorization vulnerability in the WordPress plugin Top Bar (Top Bar by PluginOps), affecting versions up to and including 3.3. The issue is tied to incorrectly configured access control security levels, enabling unauthorized actions per the description. The CVE...

5.3CVSS7.2AI score0.00183EPSS

Exploits0References1

Vulnrichment•added 2025/03/24 1:47 p.m.•5 views

CVE-2025-30581 WordPress Top Bar plugin <= 3.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through = 3.3...

5.3CVSS7.3AI score0.00183EPSS

Exploits0References1

NVD•added 2025/01/21 2:15 p.m.•11 views

CVE-2025-22727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms mailchimp-subscribe-sm allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through = 4.1...

6.5CVSS0.00137EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by