15 matches found
WordPress Smart Custom Fields plugin <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search vulnerability
Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search vulnerability discovered by darkmode in WordPress Plugin Smart Custom Fields versions <= 5.0.6...
EUVD-2012-5731
Malware in sbrugna...
EUVD-2025-9123
Malicious code in bioql PyPI...
PT-2025-38147
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Public Access Catalog OPAC version 1.0 Description: A security issue has been identified in itsourcecode Online Public Access Catalog OPAC. The vulnerability resides in an unknown function within the mysearch.php file,...
CVE-2025-30548
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search (advanced-post-search) allows Reflected XSS. This issue affects Advanced Post Search: from n/a through <= 1.1.0...
CVE-2025-30548
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search (advanced-post-search) allows Reflected XSS. This issue affects Advanced Post Search: from n/a through <= 1.1.0...
CVE-2025-30548
CVE-2025-30548 is a Reflected XSS in the WordPress plugin Advanced Post Search. The vulnerability affects Advanced Post Search versions from n/a through 1.1.0 and, per the provided documents, remains Unpatched (no fix/version is indicated). The issue targets input during Web Page Generation and c...
CVE-2025-30548 WordPress Advanced Post Search plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search (advanced-post-search) allows Reflected XSS. This issue affects Advanced Post Search: from n/a through <= 1.1.0...
WordPress plugin Advanced Post Search Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Advanced Post Search plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Advanced Post Search versions <= 1.1.0...
SQL injection
SQL injection vulnerability in the "the_search_function" function in cardozaajaxsearch.php in the AJAX Post Search cardoza-ajax-search plugin before 1.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the srchtxt parameter in a "thesearchtext" action to...
WordPress Plugin AJAX Post Search 'the_search_function' SQL Injection Vulnerability
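WordPress is a content management system developed using the PHP language. WordPress plugin AJAX Post Search 'the_search_function' suffers from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the 'thesearchtext' parameter...
WordPress AJAX Post Search Plugin 'the_search_function()' Function SQL Injection Vulnerability
BUGTRAQ ID: 56436 The AJAX Post Search plugin searches posts on a site without refreshing the page. AJAX Post Search 1.1 and other versions have a SQL injection vulnerability that an attacker can exploit to take control of the application, access or modify data, or exploit other vulnerabilities in the underlying database. 0 WordPress AJAX Post Search Plugin 1.x Vendor patch: WordPress --------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://wordpress.org/...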
Sql injection in AJAX post Search wordpress plugin
Exploit Title : SQl INJECTION AJAX Post Search --- wordpress plugin--- Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 10/12/12 version: 1.1 software link: http://wordpress.org/extend/plugins/cardoza-ajax-search/ AJAX Post Search wordpress plugin description This plugin will allow your...
Wiccle Web Builder CMS and iWiccle CMS Community Builder Multiple XSS Vulnerabilities
Wiccle Web Builder CMS and iWiccle CMS Community Builder Multiple Cross-Site Scripting Vulnerability. SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1005 09/07/2010 Issue Discovered 09/10/2010 Vendor Notified 09/13/2010 Vendor Confirmed 09/14/2010 Fix Available Class: Cross-Si...