CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting

WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file, which allows attackers to inject arbitrary web scripts. id: CVE-2021-34640 info: name: WordPress Securimage-WP-Fixed =3.5.4 -...

6.1CVSS6.4AI score0.03864EPSS

Exploits2References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-21290

Malware in sbrugna...

6.1CVSS6.2AI score0.03864EPSS

Exploits2References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-39080

Malicious code in bioql PyPI...

4.3CVSS6AI score0.00089EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:37 a.m.•6 views

CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

4.3CVSS7.1AI score0.00089EPSS

Exploits0

NVD•added 2023/07/11 1:15 p.m.•11 views

CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

4.3CVSS4.7AI score0.00089EPSS

Exploits0References1

Prion•added 2023/07/11 1:15 p.m.•12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

4.3CVSS4.8AI score0.00089EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/07/11 12:13 p.m.•11 views

CVE-2023-35044 WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

4.3CVSS7.1AI score0.00089EPSS

Exploits0References1

CVE•added 2023/07/11 12:13 p.m.•38 views

CVE-2023-35044

CVE-2023-35044 affects the WordPress Securimage-WP plugin

4.3CVSS5.1AI score0.00089EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/07/11 12:13 p.m.•16 views

CVE-2023-35044 WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

4.3CVSS5.1AI score0.00089EPSS

Exploits0References1

CNNVD•added 2023/07/11 12:0 a.m.•3 views

WordPress Plugin Securimage-WP 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS6.3AI score0.00089EPSS

Exploits0References2

WPVulnDB•added 2023/06/13 12:0 a.m.•14 views

Securimage-WP <= 3.6.16 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to potential CSRF vulnerabilities...

4.3CVSS6.8AI score0.00089EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/06/13 12:0 a.m.•7 views

WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Software Securimage-WP Type Plugin Vulnerable versions = 3.6.16 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35044 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 10bf6d005f14 Credits Abdi Pranata Required...

4.3CVSS6.6AI score0.00089EPSS

Exploits0References1Affected Software1

NVD•added 2021/08/11 3:15 p.m.•9 views

CVE-2021-34640

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...

6.1CVSS0.03864EPSS

Exploits2References2

Prion•added 2021/08/11 3:15 p.m.•9 views

Cross site scripting

4.3CVSS6.1AI score0.03864EPSS

Exploits2References2Affected Software1

Cvelist•added 2021/08/11 3:0 p.m.•10 views

CVE-2021-34640 Securimage-WP-Fixed <= 3.5.4 Reflected Cross-Site Scripting

6.1CVSS6.2AI score0.03864EPSS

Exploits2References2

CVE•added 2021/08/11 3:0 p.m.•68 views

CVE-2021-34640

CVE-2021-34640 affects the WordPress plugin Securimage-WP-Fixed (versions ≤ 3.5.4). The vulnerability is a reflected Cross-Site Scripting (XSS) caused by using $_SERVER['PHP_SELF'] in the securimage-wp.php file, allowing attackers to inject arbitrary web scripts into the affected site. Impact is ...

6.1CVSS6AI score0.03864EPSS

Exploits2References2Affected Software1

WPVulnDB•added 2021/08/11 12:0 a.m.•20 views

Securimage-WP-Fixed <= 3.5.4 - Reflected Cross-Site Scripting (XSS)

The plugin is affected by a Reflected Cross-Site Scripting issue due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts PoC https://example.com/wp-admin/options-general.php/"/script%3E?page=securimage-wp-options%2F...

6.1CVSS2.1AI score0.03864EPSS

Exploits2References1Affected Software1

Patchstack•added 2021/08/11 12:0 a.m.•12 views

WordPress Securimage-WP-Fixed plugin <= 3.5.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Securimage-WP-Fixed plugin versions = 3.5.4. Solution This plugin has been closed as of August 9, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS3.2AI score0.03864EPSS

Exploits2References3Affected Software1

WPVulnDB•added 2014/08/01 10:59 a.m.•15 views

Securimage-WP 3.2.4 - siwp_test.php URI XSS

The Securimage-WP WordPress plugin was affected by a siwptest.php URI XSS security vulnerability...

2.1AI score

Exploits0References2Affected Software1

0day.today•added 2013/05/15 12:0 a.m.•19 views

WordPress Securimage 3.2.4 Cross Site Scripting Vulnerability

WordPress Securimage plugin version 3.2.4 suffers from a cross site scripting vulnerability. Wordpress Securimage-WP Plugin v3.2.4 URI-based XSS Vulnerability Vendor: Securimage PHP CAPTCHA Product web page: https://wordpress.org/extend/plugins/securimage-wp/ Affected version: 3.2.4 Summary:...

6.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by