CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/22 9:7 a.m.•3 views

CVE-2016-10976

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS...

6.1CVSS7AI score0.00158EPSS

Exploits2References1

NVD•added 2019/09/17 3:15 p.m.•8 views

CVE-2016-10976

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS...

6.1CVSS6.4AI score0.00158EPSS

Exploits2References2

Prion•added 2019/09/17 3:15 p.m.•11 views

Authentication flaw

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS...

4.3CVSS7.2AI score0.00158EPSS

Exploits2References2Affected Software1

Cvelist•added 2019/09/17 2:5 p.m.•10 views

CVE-2016-10976

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS...

6.4AI score0.00158EPSS

Exploits2References2

CVE•added 2019/09/17 2:5 p.m.•64 views

CVE-2016-10976

The CVE concerns the WordPress Safe Editor plugin prior to version 1.2, where the se_save endpoint lacks authentication, enabling CSS/JS injection and resulting XSS. Affected component: safe-editor plugin for WordPress; root cause: missing authentication on se_save in admin-ajax flow; impact: una...

6.1CVSS6.4AI score0.00158EPSS

Exploits2References2Affected Software1

Patchstack•added 2016/05/06 12:0 a.m.•7 views

WordPress Safe Editor Plugin <= 1.1 - Multiple Vulnerabilities

This plugin is prone to an unauthenticated CSS and JS injection. The attackers can inject whatever they want when "wpfooter" and "wphead" is called, because "sesave" function is not sanitized. Solution Update the plugin...

3.9AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by