CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

CVE-2026-8900

The CVE-2026-8900 entry concerns the WordPress plugin Simple SEO Slideshow (versions up to and including 1.2.8). The vulnerability is a Stored Cross-Site Scripting (XSS) via shortcode attributes , caused by insufficient input sanitization and output escaping. An authenticated attacker with contri...

6.4CVSS5.7AI score

Exploits0References5

RedhatCVE•added 2026/01/09 9:27 a.m.•4 views

CVE-2023-45269

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

5.4CVSS7.1AI score0.00048EPSS

Exploits0References1

CNVD•added 2025/10/17 12:0 a.m.•3 views

WordPress Simple SEO plugin cross-site scripting vulnerability

WordPress Simple SEO plugin is an SEO optimization tool designed based on the SimpleTags plugin, which is mainly used to help users simplify search engine optimization SEO operations. WordPress Simple SEO plugin suffers from a cross-site scripting vulnerability that stems from the application's...

6.1CVSS6.2AI score0.00025EPSS

Exploits0References1

RedhatCVE•added 2025/10/15 6:36 a.m.•4 views

CVE-2025-10357

The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

6.1CVSS6AI score0.00025EPSS

Exploits0References1

Patchstack•added 2025/10/15 12:6 a.m.•3 views

WordPress Simple SEO plugin < 2.0.32 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Simple SEO versions 2.0.32...

6.1CVSS6.1AI score0.00025EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/14 6:31 a.m.•1 views

EUVD-2025-34141

6.1CVSS5.5AI score0.00025EPSS

Exploits0References3

NVD•added 2025/10/14 6:15 a.m.•1 views

CVE-2025-10357

6.1CVSS0.00025EPSS

Exploits0References1

Cvelist•added 2025/10/14 6:0 a.m.•4 views

CVE-2025-10357 Simple SEO < 2.0.32 - Contributor+ Stored XSS

0.00025EPSS

Exploits0References1

CNNVD•added 2025/10/14 12:0 a.m.•2 views

WordPress plugin Simple SEO 安全漏洞

6.1CVSS6AI score0.00025EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•2 views

PT-2025-41847

Name of the Vulnerable Software and Affected Versions Simple SEO WordPress plugin versions prior to 2.0.32 Description The software does not properly sanitize and escape parameters when outputting them on the page. This could allow users with a contributor role or higher to perform Cross-Site...

6.1CVSS5.8AI score0.00025EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-49575

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00048EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-47563

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00093EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-39117

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00113EPSS

Exploits0References1

OSV•added 2023/10/13 4:15 p.m.•1 views

CVE-2023-45269

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

5.4CVSS7.3AI score

Exploits0References1

CVE•added 2023/10/13 3:0 p.m.•47 views

CVE-2023-45269

CVE-2023-45269 - CSRF in WordPress Simple SEO plugin (

5.4CVSS6AI score0.00048EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/13 3:0 p.m.•14 views

CVE-2023-45269 WordPress Simple SEO Plugin <= 2.0.25 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

5.4CVSS5.9AI score0.00048EPSS

Exploits0References1

CNNVD•added 2023/10/13 12:0 a.m.•1 views

Wordpress Plugin Simple SEO Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

5.4CVSS6.5AI score0.00048EPSS

Exploits0References2

Positive Technologies•added 2023/10/13 12:0 a.m.•2 views

PT-2023-29475 · Unknown · David Cole Simple Seo

Name of the Vulnerable Software and Affected Versions: David Cole Simple SEO plugin versions prior to 2.0.25 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a...

5.4CVSS6.1AI score0.00048EPSS

Exploits0References4

Patchstack•added 2023/10/06 12:0 a.m.•7 views

WordPress Simple SEO Plugin <= 2.0.25 is vulnerable to Cross Site Request Forgery (CSRF)

Software Simple SEO Type Plugin Vulnerable versions = 2.0.25 Fixed in 2.0.26 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45269 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ddc0939d5337 Credits Mika Required privileg...

5.4CVSS6.6AI score0.00048EPSS

Exploits0References2Affected Software1

OSV•added 2022/11/03 8:15 p.m.•1 views

CVE-2022-44627

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 1.8.12 on WordPress allows attackers to create or delete sitemaps...

5.4CVSS5.8AI score0.00093EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by