CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

CVE•added 2025/04/15 9:53 p.m.•47 views

CVE-2025-22269

CVE-2025-22269 — Stored XSS in Real Testimonials (WordPress plugin). Exploit via improper input neutralization during web page generation. Affected: Real Testimonials up to version 3.1.6. Status: patched per Red Hat/Wordfence updates; upgrade to a fixed release to remediate.

6.5CVSS7.2AI score0.00215EPSS

Exploits0References1

Positive Technologies•added 2025/04/15 12:0 a.m.•3 views

PT-2025-16506 · Shapedplugin Llc · Real Testimonials

Name of the Vulnerable Software and Affected Versions: ShapedPlugin LLC Real Testimonials versions 3.1.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can...

6.5CVSS6.6AI score0.00215EPSS

Exploits0References3

NVD•added 2024/12/13 3:15 p.m.•28 views

CVE-2023-41132

Missing Authorization vulnerability in ShapedPlugin LLC Category Slider for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Category Slider for WooCommerce: from n/a through 1.4.15...

4.3CVSS0.00374EPSS

Exploits0References1

Cvelist•added 2024/12/13 2:24 p.m.•13 views

CVE-2023-41132 WordPress Category Slider for WooCommerce plugin <= 1.4.15 - Broken Access Control vulnerability

4.3CVSS0.00374EPSS

Exploits0References1

Vulnrichment•added 2024/12/13 2:24 p.m.•9 views

CVE-2023-41132 WordPress Category Slider for WooCommerce plugin <= 1.4.15 - Broken Access Control vulnerability

4.3CVSS7.3AI score0.00374EPSS

Exploits0References1

NVD•added 2024/04/24 9:15 a.m.•7 views

CVE-2024-32801

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin Widget Post Slider allows Stored XSS.This issue affects Widget Post Slider: from n/a through 1.3.5...

5.9CVSS5.7AI score0.00339EPSS

Exploits0References1

Vulnrichment•added 2024/04/24 8:44 a.m.•13 views

CVE-2024-32801 WordPress Widget Post Slider plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

5.9CVSS6.7AI score0.00339EPSS

Exploits0References1

CVE•added 2024/04/24 8:44 a.m.•58 views

CVE-2024-32801

Technical details for CVE-2024-32801 are not provided in the connected documents. No specifics on affected product/version/root cause/fix are given beyond the initial XSS description. Monitor for updates.

5.9CVSS5.2AI score0.00339EPSS

Exploits0References1

NVD•added 2024/01/05 12:15 p.m.•18 views

CVE-2023-52124

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...

6.5CVSS6.5AI score0.00303EPSS

Exploits0References1

Prion•added 2024/01/05 12:15 p.m.•12 views

Cross site scripting

4.9CVSS7AI score0.00303EPSS

Exploits0References1Affected Software1

CVE•added 2024/01/05 11:17 a.m.•77 views

CVE-2023-52124

CVE-2023-52124 is an authenticated stored XSS against the WP Tabs – Responsive Tabs plugin for WordPress (vulnerable: up to 2.2.0). The issue arises from improper input neutralization during web page generation, enabling an attacker with a valid user account (likely a Contributor+ role) to inject...

6.5CVSS6.8AI score0.00303EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/01/05 11:17 a.m.•13 views

CVE-2023-52124 WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

6.5CVSS6.7AI score0.00303EPSS

Exploits0References1

NVD•added 2023/02/14 12:15 p.m.•7 views

CVE-2023-25065

Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...

8.8CVSS6.5AI score0.00255EPSS

Exploits0References1