CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

RedhatCVE•added 2026/01/23 9:16 p.m.•2 views

CVE-2025-68835

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in matiskiba Ravpage ravpage allows Reflected XSS.This issue affects Ravpage: from n/a through = 2.33...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•2 views

CVE-2025-68835

7.1CVSS0.00064EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68835

7.1CVSS5.3AI score0.00064EPSS

Exploits0References2

Cvelist•added 2026/01/22 4:52 p.m.•14 views

CVE-2025-68835 WordPress Ravpage plugin <= 2.33 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00064EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•5 views

CVE-2025-68835

CVE-2025-68835 covers the WordPress Ravpage plugin (versions

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68835 WordPress Ravpage plugin <= 2.33 - Reflected Cross Site Scripting (XSS) vulnerability

5.9AI score0.00064EPSS

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•2 views

PT-2026-4083

Name of the Vulnerable Software and Affected Versions matiskiba Ravpage versions prior to 2.33 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to...

5.2AI score0.00064EPSS

Exploits0References3

CNNVD•added 2026/01/22 12:0 a.m.•3 views

WordPress plugin Ravpage has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.7AI score0.00064EPSS

Exploits0References1

Patchstack•added 2026/01/20 7:53 a.m.•3 views

WordPress Ravpage plugin <= 2.33 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Ravpage versions = 2.33...

7.1CVSS5.3AI score0.00064EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-33753

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00228EPSS

Exploits0References2

OSV•added 2025/02/20 10:15 a.m.•0 views

CVE-2024-13789

The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the 'paramsv2' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the...

9.8CVSS6AI score

Exploits0References2

CVE•added 2025/02/20 9:21 a.m.•49 views

CVE-2024-13789

CVE-2024-13789 details (as per provided docs): The ravpage WordPress plugin (affected versions up to 2.31) is vulnerable to PHP Object Injection via deserialization of untrusted input in the paramsv2 parameter. This allows unauthenticated attackers to inject a PHP object. There is no known POP ch...

9.8CVSS9.7AI score0.00615EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/02/20 9:21 a.m.•15 views

CVE-2024-13789 Ravpage <= 2.31 - PHP Object Injection

9.8CVSS0.00615EPSS

Exploits0References3

Positive Technologies•added 2025/02/20 12:0 a.m.•3 views

PT-2025-7389 · WordPress · Ravpage

Name of the Vulnerable Software and Affected Versions: Ravpage plugin for WordPress versions up to, and including, 2.31 Description: The issue concerns a PHP Object Injection vulnerability via deserialization of untrusted input from the paramsv2 parameter. This allows unauthenticated attackers to...

9.8CVSS9.8AI score0.00615EPSS

Exploits0References8

CNNVD•added 2025/02/20 12:0 a.m.•1 views

WordPress plugin Ravpage 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

9.8CVSS8.8AI score0.00615EPSS

Exploits0References2

Patchstack•added 2025/02/19 11:10 p.m.•1 views

WordPress Ravpage plugin <= 2.31 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Ravpage versions = 2.31...

9.8CVSS7.3AI score0.00615EPSS

Exploits0References1Affected Software1

CNVD•added 2022/04/29 12:0 a.m.•10 views

WordPress Ravpage plugin跨站脚本漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Ravpage plugin 2.16 and previous versions have a cross-site scripting vulnerability, which stems from the lack of...

6.1CVSS1.5AI score0.00228EPSS

Exploits0References1

OSV•added 2022/04/28 4:15 p.m.•1 views

CVE-2022-29415

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability in Mati Skiba @ Rav Messer's Ravpage plugin = 2.16 at WordPress...

6.1CVSS6.3AI score0.00228EPSS

Exploits0References2

Cvelist•added 2022/04/28 3:34 p.m.•11 views

CVE-2022-29415 WordPress Ravpage plugin <= 2.16 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability in Mati Skiba @ Rav Messer's Ravpage plugin = 2.16 at WordPress...

6.1CVSS6.1AI score0.00228EPSS

Exploits0References2