CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1495 matches found

Cvelist•added 2025/08/12 4:25 a.m.•4 views

CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter

The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccessmsg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.0024EPSS

Exploits0References4

Positive Technologies•added 2025/08/12 12:0 a.m.•2 views

PT-2025-32624 · WordPress · Software Issue Manager

Name of the Vulnerable Software and Affected Versions: Software Issue Manager plugin for WordPress versions up to and including 5.0.1 Description: The Software Issue Manager plugin for WordPress is susceptible to Stored Cross-Site Scripting through the noaccess msg parameter due to insufficient...

6.4CVSS6.2AI score0.0024EPSS

Exploits0References9

CNNVD•added 2025/08/12 12:0 a.m.•1 views

WordPress plugin Software Issue Manager 跨站脚本漏洞

The WordPress Software Issue Manager plugin is a project-based WordPress plugin for tracking software defects, issues, tasks, and product feature requests, with support for customized reporting. The WordPress Software Issue Manager plugin suffers from a cross-site scripting vulnerability that ste...

6.4CVSS5.9AI score0.0024EPSS

Exploits0References4

OSV•added 2025/08/11 9:26 a.m.•2 views

CGA-925R-XP4G-39WR

Bulletin has no description...

7CVSS7.2AI score0.00331EPSS

Exploits0

OSV•added 2025/08/10 8:1 p.m.•1 views

MINI-CXRF-822R-3XJJ

Bulletin has no description...

7.8CVSS7.2AI score0.00324EPSS

Exploits1

OSV•added 2025/08/10 8:42 a.m.•1 views

MINI-H66C-2WH7-68H4

Bulletin has no description...

3.4CVSS7.2AI score0.03641EPSS

Exploits0

OSV•added 2025/08/10 8:42 a.m.•1 views

MINI-H6Q6-GRRH-24RG

Bulletin has no description...

4.3CVSS7.2AI score0.03533EPSS

Exploits0

OSV•added 2025/08/10 8:42 a.m.•1 views

MINI-F7GJ-PHFH-RG9P

Bulletin has no description...

4.3CVSS7.2AI score0.02298EPSS

Exploits0

OSV•added 2025/08/10 8:42 a.m.•1 views

MINI-9M25-5XP9-CVGJ

Bulletin has no description...

5.3CVSS7.2AI score0.02038EPSS

Exploits0

OSV•added 2025/08/10 8:42 a.m.•1 views

MINI-7FWC-F2G6-7RCC

Bulletin has no description...

3.7CVSS7.2AI score0.01203EPSS

Exploits0

OSV•added 2025/08/10 8:41 a.m.•2 views

MINI-5GV5-44CF-6278

Bulletin has no description...

5.3CVSS7.2AI score0.01058EPSS

Exploits0

OSV•added 2025/08/10 8:41 a.m.•1 views

MINI-55PG-V2P9-9JF9

Bulletin has no description...

4.3CVSS7.2AI score0.03472EPSS

Exploits0

OSV•added 2025/08/10 8:41 a.m.•1 views

MINI-XWRF-429X-R36H

Bulletin has no description...

3.1CVSS7.2AI score0.02417EPSS

Exploits0

OSV•added 2025/08/10 8:40 a.m.•1 views

MINI-25Q9-9C6R-R592

Bulletin has no description...

5.3CVSS7.2AI score0.05166EPSS

Exploits0

OSV•added 2025/08/02 8:50 a.m.•1 views

MINI-23WM-JHM6-4R63

Bulletin has no description...

4.8CVSS3.6AI score0.00214EPSS

Exploits1

OSV•added 2025/07/29 6:49 p.m.•2 views

GO-2025-3823 Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service in github.com/kyverno/kyverno

Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service in github.com/kyverno/kyverno...

7.7CVSS6AI score0.00456EPSS

Exploits1References3

Github Security Blog•added 2025/07/28 3:31 a.m.•4 views

Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...

5.9CVSS7.1AI score0.00177EPSS

Exploits0References5Affected Software1

OSV•added 2025/07/26 1:56 p.m.•0 views

BELL-CVE-2025-38451

Bulletin has no description...

5.5CVSS7AI score0.00141EPSS

Exploits0References1

OSV•added 2025/07/26 1:56 p.m.•3 views

BELL-CVE-2025-38419

Bulletin has no description...

5.5CVSS6.2AI score0.00146EPSS

Exploits0References1