CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

49 matches found

CVE•added 2026/02/19 8:27 a.m.•23 views

CVE-2026-27059

CVE-2026-27059 affects the WordPress plugin Penci Recipe (penci-recipe) versions up to 4.1, enabling a DOM-based XSS due to improper input neutralization during web page generation. The issue is described across multiple sources as a cross-site scripting vulnerability in Penci Recipe, with an exp...

6.5CVSS5.4AI score0.00045EPSS

Exploits0References1

Cvelist•added 2026/02/19 8:27 a.m.•24 views

CVE-2026-27059 WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...

6.5CVSS0.00045EPSS

Exploits0References1

ATTACKERKB•added 2026/02/19 8:27 a.m.•1 views

CVE-2026-27059

5.5AI score0.00045EPSS

Exploits0References2

CNNVD•added 2025/11/01 12:0 a.m.•3 views

WordPress plugin WP Delicious – Recipe Plugin for Food Bloggers 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS7.8AI score0.00239EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6355

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00089EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6410

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00517EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6358

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00363EPSS

Exploits0References3

Vulnrichment•added 2025/09/22 6:25 p.m.•3 views

CVE-2025-59585 WordPress Penci Recipe Plugin <= 4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe allows DOM-Based XSS. This issue affects Penci Recipe: from n/a through 4.0...

6.5CVSS6AI score0.00032EPSS

Exploits0References1

CVE•added 2025/09/22 6:25 p.m.•11 views

CVE-2025-59585

CVE-2025-59585 affects the WordPress plugin Penci Recipe. The connected document confirms a DOM-based XSS due to improper input neutralization during web page generation, affecting Penci Recipe versions from n/a through 4.0. The CVSS metrics indicate a network-accessible, low-privilege, low-impac...

6.5CVSS5.9AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:47 a.m.•5 views

CVE-2024-43935

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affects Delicious Recipes – WordPress Recipe Plugin: from n/a through 1.6.7...

6.5CVSS6.7AI score0.00287EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:5 p.m.•4 views

CVE-2022-34792

A cross-site request forgery CSRF vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8CVSS6.8AI score0.00089EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:3 p.m.•2 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS6.7AI score0.00517EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:2 p.m.•4 views

CVE-2022-34794

Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML...

6.5CVSS6.6AI score0.00363EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:37 a.m.•4 views

CVE-2019-15836

The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS...

5.4CVSS6.8AI score0.00259EPSS

Exploits0References1

Patchstack•added 2024/10/31 3:18 p.m.•2 views

WordPress WP EASY RECIPE plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP EASY RECIPE versions = 1.6...

6.5CVSS6.1AI score0.00231EPSS

Exploits0Affected Software1

Cvelist•added 2024/09/11 7:31 a.m.•16 views

CVE-2024-7626 WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read

The WP Delicious – Recipe Plugin for Food Bloggers formerly Delicious Recipes plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in the saveeditprofiledetails function in all versions up to, and including, 1.6.9. This makes it possib...

8.1CVSS0.03817EPSS

Exploits0References4

CNNVD•added 2024/07/01 12:0 a.m.•1 views

WordPress plugin Basil recipe security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS5.7AI score0.0045EPSS

Exploits0References3

CNNVD•added 2024/06/13 12:0 a.m.•2 views

WordPress plugin Cooked Pro recipe security vulnerability

5.4CVSS6.7AI score0.03585EPSS

Exploits1References3

CNVD•added 2022/07/04 12:0 a.m.•24 views

Jenkins Recipe Plugin Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site request forgery...

8CVSS1.3AI score0.00089EPSS

Exploits0References1