CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

NVD•added 2026/04/09 9:16 p.m.•4 views

CVE-2023-54363

Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show, reviews, typeid, distance, facilities, categories, prices, location, and Itemid. Attackers can...

6.1CVSS0.00095EPSS

Exploits0References4

ATTACKERKB•added 2026/04/09 8:54 p.m.•0 views

CVE-2023-54363

6.1CVSS5.8AI score0.00095EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/04/09 8:54 p.m.•1 views

CVE-2023-54363 Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters

6.1CVSS5.6AI score0.00095EPSS

Exploits0References4

CVE•added 2026/04/09 8:54 p.m.•3 views

CVE-2023-54363

CVE-2023-54363 affects Joomla Solidres 2.13.3 and describes a reflected cross-site scripting vulnerability. The issue arises from unsafely handling multiple GET parameters (show, reviews, type_id, distance, facilities, categories, prices, location, Itemid), allowing unauthenticated attackers to c...

6.1CVSS5.8AI score0.00095EPSS

Exploits0References4

Cvelist•added 2026/04/09 8:54 p.m.•14 views

CVE-2023-54363 Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters

6.1CVSS0.00095EPSS

Exploits0References4

CNNVD•added 2026/04/09 12:0 a.m.•4 views

Joomla Solidres 跨站脚本漏洞

Joomla Solidres is an open-source extension for hotel booking and room status management by Solidres. Version 2.13.3 of Joomla Solidres contains a cross-site scripting vulnerability. This vulnerability arises from improper handling of multiple GET parameters, which may lead to reflective cross-si...

6.1CVSS5.6AI score0.00095EPSS

Exploits0References4

Positive Technologies•added 2026/04/09 12:0 a.m.•1 views

PT-2026-31730

Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show, reviews, type id, distance, facilities, categories, prices, location, and Itemid. Attackers can...

6.1CVSS5.8AI score0.00095EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 8:48 a.m.•5 views

CVE-2025-23911

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solidres Solidres – Hotel booking plugin solidres allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through = 0.9.4...

8.5CVSS7.3AI score0.00119EPSS

Exploits0References1

Patchstack•added 2025/12/31 12:0 a.m.•5 views

WordPress Solidres plugin <= 0.9.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Solidres – Hotel booking plugin versions = 0.9.4...

7.1CVSS8.3AI score0.00148EPSS

Exploits1References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-17745

Malware in sbrugna...

9.8CVSS9.3AI score0.01411EPSS

Exploits5References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-23630

Malicious code in bioql PyPI...

4.8CVSS6.2AI score0.00381EPSS

Exploits2References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-23633

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.00199EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-3526

Malicious code in bioql PyPI...

8.5CVSS8.7AI score0.00119EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:59 a.m.•3 views

CVE-2023-1377

The Solidres WordPress plugin through 0.9.4 does not sanitise and escape numerous parameter before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00199EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 2:59 a.m.•2 views

CVE-2023-1374

The Solidres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'currencyname' parameter in versions up to, and including, 0.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator privileges to...

4.8CVSS5AI score0.00381EPSS

Exploits2References1

RedhatCVE•added 2025/02/08 4:35 a.m.•7 views

CVE-2024-13329

The Solidres WordPress plugin through 0.9.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00148EPSS

Exploits1References1

NVD•added 2025/02/04 6:15 a.m.•13 views

CVE-2024-13329

7.1CVSS0.00148EPSS

Exploits1References1

OSV•added 2025/02/04 6:15 a.m.•0 views

CVE-2024-13329

7.1CVSS7.3AI score0.00148EPSS

Exploits1References1

CVE•added 2025/02/04 6:0 a.m.•59 views

CVE-2024-13329

The CVE-2024-13329 entry concerns the Solidres WordPress plugin (versions up to 0.9.4). Description confirms a Reflected XSS vulnerability caused by insufficient sanitization/escaping of a parameter before it is echoed in the page, potentially impacting high-privilege users (e.g., admins). Connec...

7.1CVSS6.2AI score0.00148EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/02/04 6:0 a.m.•17 views

CVE-2024-13329 Solidres <= 0.9.4 - Reflected XSS

0.00148EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by