CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF vulnerability in Seerox WP Media File Type Manager wp-media-file-type-manager allows Cross Site Request Forgery.This issue affects WP Media File Type Manager: from n/a through = 2.3.2...

4.3CVSS5.8AI score0.00084EPSS

Exploits0References1

NVD•added 2025/06/06 1:15 p.m.•4 views

CVE-2025-27359

4.3CVSS0.00084EPSS

Exploits0References1

CVE•added 2025/06/06 12:54 p.m.•41 views

CVE-2025-27359

CVE-2025-27359 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WP Media File Type Manager plugin for WordPress. The issue allows CSRF to be performed against plugin settings, with affected versions listed as up to 2.3.0 (vendor is referenced as WP Media File Type Manager). The ...

4.3CVSS5.1AI score0.00084EPSS

Exploits0References1

Positive Technologies•added 2025/06/06 12:0 a.m.•3 views

PT-2025-24120 · WordPress · Seerox Wp Media File Type Manager

Name of the Vulnerable Software and Affected Versions: Seerox WP Media File Type Manager versions 2.3.0 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For Seerox WP Media Fi...

4.3CVSS4.4AI score0.00084EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 12:54 a.m.•3 views

CVE-2022-47141

Cross-Site Request Forgery CSRF vulnerability in Seerox WP Dynamic Keywords Injector plugin = 2.3.15 versions...

8.8CVSS7.1AI score0.00104EPSS

Exploits0

RedhatCVE•added 2025/02/05 6:57 a.m.•3 views

CVE-2024-32528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18...

7.1CVSS5.2AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 4:6 a.m.•2 views

CVE-2024-54256

Missing Authorization vulnerability in Seerox Easy Blocks pro easy-blocks-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through = 1.0.21...

7.1CVSS7.2AI score0.00201EPSS

Exploits0References1

NVD•added 2024/12/13 3:15 p.m.•4 views

CVE-2024-54256

7.1CVSS0.00201EPSS

Exploits0References1

CVE•added 2024/12/13 2:24 p.m.•39 views

CVE-2024-54256

CVE-2024-54256 corresponds to a Missing Authorization issue in WordPress plugin Seerox Easy Blocks Pro (versions

7.1CVSS7.2AI score0.00201EPSS

Exploits0References1

Positive Technologies•added 2024/12/13 12:0 a.m.•2 views

PT-2024-36136 · Seerox · Seerox Easy Blocks Pro

Name of the Vulnerable Software and Affected Versions: Seerox Easy Blocks pro versions 1.0.0 through 1.0.21 Description: The issue is related to missing authorization, allowing access to functionality not properly constrained by Access Control Lists ACLs. This means that certain features or...

7.1CVSS6.9AI score0.00201EPSS

Exploits0References3

NVD•added 2024/04/17 10:15 a.m.•10 views

CVE-2024-32528

7.1CVSS6.9AI score0.00248EPSS

Exploits0References1

Cvelist•added 2024/04/17 9:44 a.m.•18 views

CVE-2024-32528 WordPress WP Dynamic Keywords Injector plugin <= 2.3.18 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.1AI score0.00248EPSS

Exploits0References1

Vulnrichment•added 2024/04/17 9:44 a.m.•17 views

CVE-2024-32528 WordPress WP Dynamic Keywords Injector plugin <= 2.3.18 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.2AI score0.00248EPSS

Exploits0References1

CVE•added 2024/04/17 9:44 a.m.•62 views

CVE-2024-32528

CVE-2024-32528 affects the WP Dynamic Keywords Injector (WordPress plugin) and is a reflected XSS due to improper input neutralization during page generation. Affected versions: n/a through 2.3.18. CVSSv3.1 base score 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). Connected records indicate the issue...

7.1CVSS5.2AI score0.00248EPSS

Exploits0References1

Positive Technologies•added 2024/04/17 12:0 a.m.•2 views

PT-2024-24647 · WordPress · Seerox Wp Dynamic Keywords Injector

Name of the Vulnerable Software and Affected Versions: Seerox WP Dynamic Keywords Injector versions prior to 2.3.19 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations:...

7.1CVSS6.8AI score0.00248EPSS

Exploits0References3