CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

5 matches found

Cvelist•added 2025/12/31 8:50 a.m.•23 views

CVE-2025-63000 WordPress Sermon Manager plugin <= 2.30.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Stored XSS.This issue affects Sermon Manager: from n/a through = 2.30.0...

6.5CVSS0.00024EPSS

Exploits0References1

RedhatCVE•added 2025/12/06 5:54 a.m.•1 views

CVE-2025-12368

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sermon-views shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticate...

6.4CVSS5AI score0.00031EPSS

Exploits0References1

NVD•added 2025/12/05 6:16 a.m.•1 views

CVE-2025-12368

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sermon-views shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticate...

6.4CVSS0.00031EPSS

Exploits0References3

Positive Technologies•added 2025/12/05 12:0 a.m.•2 views

PT-2025-49210

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sermon-views shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticate...

6.4CVSS5AI score0.00031EPSS

Exploits0References4

Patchstack•added 2025/11/28 4:48 p.m.•3 views

WordPress Sermon Manager plugin <= 2.30.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sermon Manager versions = 2.30.0...

5.3CVSS7AI score0.00038EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by