CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-36724

Malicious code in bioql PyPI...

5.8CVSS6.5AI score0.00234EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:43 a.m.•10 views

CVE-2024-37515

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Optemiz XPlainer - WooCommerce Product FAQ allows Reflected XSS.This issue affects XPlainer - WooCommerce Product FAQ: from n/a through 1.6.3...

5.8CVSS6.9AI score0.00234EPSS

Exploits0

NVD•added 2024/07/21 8:15 a.m.•35 views

CVE-2024-37515

5.8CVSS0.00234EPSS

Exploits0References1

Vulnrichment•added 2024/07/21 7:14 a.m.•13 views

CVE-2024-37515 WordPress XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability

5.8CVSS7AI score0.00234EPSS

Exploits0References1

CVE•added 2024/07/21 7:14 a.m.•46 views

CVE-2024-37515

CVE-2024-37515 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin XPlainer – Product FAQs for WooCommerce (XPlainer – WooCommerce Product FAQ). Affected versions are 1.6.3 and earlier. The issue arises from improper neutralization of input during web page generation, ...

5.8CVSS5.7AI score0.00234EPSS

Exploits0References1

Cvelist•added 2024/07/21 7:14 a.m.•26 views

CVE-2024-37515 WordPress XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability

5.8CVSS0.00234EPSS

Exploits0References1

Positive Technologies•added 2024/07/21 12:0 a.m.•6 views

PT-2024-27620 · Woocommerce · Xplainer - Woocommerce Product Faq

Name of the Vulnerable Software and Affected Versions: XPlainer - WooCommerce Product FAQ versions 1.6.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS...

5.8CVSS6.8AI score0.00234EPSS

Exploits0References4

NVD•added 2024/07/09 9:15 a.m.•20 views

CVE-2024-5669

The XPlainer – WooCommerce Product FAQ WooCommerce Accordion FAQ Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ffwactivatetemplate' function in all versions up to, and including, 1.7.0. This makes it possible for...

6.4CVSS0.00372EPSS

Exploits0References3

Patchstack•added 2024/07/09 7:44 a.m.•5 views

WordPress XPlainer – WooCommerce Product FAQ plugin <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin XPlainer - WooCommerce Product FAQ versions = 1.7.0...

4.3CVSS7AI score0.00399EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/07/09 12:0 a.m.•11 views

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5669 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b5e6735c62a0 Credits...

6.4CVSS5.7AI score0.00372EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/07/09 12:0 a.m.•7 views

PT-2024-36999 · Woocommerce · Xplainer - Woocommerce Product Faq

Name of the Vulnerable Software and Affected Versions: The XPlainer – WooCommerce Product FAQ WooCommerce Accordion FAQ Plugin versions up to, and including, 1.6.4 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data without proper...

6.4CVSS6.2AI score0.00372EPSS

Exploits0References6

Patchstack•added 2024/07/05 1:48 p.m.•2 views

WordPress XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin XPlainer - WooCommerce Product FAQ versions = 1.6.3...

5.8CVSS6.1AI score0.00234EPSS

Exploits0Affected Software1

Patchstack•added 2024/07/05 12:0 a.m.•11 views

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.6.3 Fixed in 1.6.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37515 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 4539c5a9e2c2 Credits LVT-tholv2k...

5.8CVSS6.6AI score0.00234EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/04/11 11:9 a.m.•5 views

WordPress XPlainer – WooCommerce Product FAQ plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin XPlainer - WooCommerce Product FAQ versions = 1.5.0...

7AI score0.001EPSS

Exploits0Affected Software1

Patchstack•added 2023/07/19 12:0 a.m.•8 views

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.3.35 is vulnerable to Cross Site Scripting (XSS)

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.3.35 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c00776efd55 Credits Rafie Muhammad...

6.1AI score0.00284EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by