CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Basil recipe theme for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the posttitle parameter in versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access...

5.4CVSS5.7AI score0.00298EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:47 p.m.•2 views

CVE-2021-3327

Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the posttitle parameter...

5.4CVSS5.9AI score0.00656EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:46 a.m.•3 views

CVE-2018-5312

The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...

5.4CVSS6AI score0.00595EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:57 a.m.•8 views

CVE-2019-20181

The awesome-support plugin 5.8.0 for WordPress allows XSS via the posttitle parameter...

4.8CVSS6AI score0.00717EPSS

Exploits0References1

Prion•added 2022/01/31 4:15 p.m.•16 views

Sql injection

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=addpost. This vulnerability can be exploited through a crafted POST request via the posttitle parameter...

5CVSS7.7AI score0.0137EPSS

Exploits1References2Affected Software1

CVE•added 2021/03/19 2:52 a.m.•57 views

CVE-2021-3327

CVE-2021-3327 affects Ovation Dynamic Content 1.10.1 for Elementor, with a stored/ reflected cross-site scripting flaw exploitable via the post_title parameter. The connected materials confirm the product/version and the vulnerability class but do not provide exploit details, affected configurati...

5.4CVSS5.2AI score0.00656EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/03/19 2:52 a.m.•13 views

CVE-2021-3327

Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the posttitle parameter...

5.5AI score0.00656EPSS

Exploits1References2

CNNVD•added 2021/03/18 12:0 a.m.•3 views

Elementor 跨站脚本漏洞

Elementor is a WordPress page builder from the Elementor team that offers a variety of design elements and supports custom templates and more. A cross-site scripting vulnerability exists in Elementor Ovation Dynamic Content version 1.10.1. The vulnerability is related to the posttitle parameter. ...

5.4CVSS5.2AI score0.00656EPSS

Exploits1References3

NVD•added 2020/01/09 10:15 p.m.•17 views

CVE-2019-20181

The awesome-support plugin 5.8.0 for WordPress allows XSS via the posttitle parameter...

4.8CVSS5AI score0.00717EPSS

Exploits0References1

NVD•added 2020/01/09 10:15 p.m.•19 views

CVE-2019-20182

The FooGallery plugin 1.8.12 for WordPress allow XSS via the posttitle parameter...

4.8CVSS5AI score0.00717EPSS

Exploits0References1

Prion•added 2018/01/09 5:29 a.m.•12 views

Design/Logic Flaw

The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...

3.5CVSS5.2AI score0.00595EPSS

Exploits1References2Affected Software1

NVD•added 2018/01/09 5:29 a.m.•15 views

CVE-2018-5312

The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...

5.4CVSS5.4AI score0.00595EPSS

Exploits1References2

Prion•added 2015/06/17 6:59 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the posttitle parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview...

4.3CVSS6.3AI score0.03206EPSS

Exploits2References8Affected Software1

NVD•added 2015/06/17 6:59 p.m.•18 views

CVE-2012-6692

4.3CVSS5.8AI score0.03206EPSS

Exploits2References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by