CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

RedhatCVE•added 2025/12/25 1:23 p.m.•1 views

CVE-2025-68523

Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through = 5.0.7...

4.3CVSS7AI score0.00041EPSS

Exploits0References1

NVD•added 2025/12/24 1:16 p.m.•1 views

CVE-2025-68523

4.3CVSS0.00041EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-35410

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00143EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-43546

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00231EPSS

Exploits0References1

RedhatCVE•added 2025/09/05 3:22 p.m.•1 views

CVE-2025-58625

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.5...

5.9CVSS5.9AI score0.00043EPSS

Exploits0References1

NVD•added 2025/09/03 3:15 p.m.•2 views

CVE-2025-58625

5.9CVSS0.00043EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:16 a.m.•0 views

CVE-2024-30528

Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10...

6.3CVSS7AI score0.00077EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:25 a.m.•2 views

CVE-2024-49695

6.5CVSS5.9AI score0.00231EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:11 a.m.•4 views

CVE-2023-32122

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Spiffy Plugins Spiffy Calendar plugin = 4.9.3 versions...

6.1CVSS5.9AI score0.00104EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:58 a.m.•5 views

CVE-2022-46859

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1...

9.8CVSS8.9AI score0.00147EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:24 a.m.•4 views

CVE-2024-30427

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.7...

7.1CVSS8.6AI score0.00234EPSS

Exploits0References1

OSV•added 2024/10/24 1:15 p.m.•0 views

CVE-2024-49695

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.3...

5.4CVSS5.8AI score0.00231EPSS

Exploits0References1

NVD•added 2024/10/24 1:15 p.m.•9 views

CVE-2024-49695

6.5CVSS0.00231EPSS

Exploits0References1

CVE•added 2024/10/24 12:38 p.m.•43 views

CVE-2024-49695

CVE-2024-49695 involves a Stored XSS in WP Flow Plus (WordPress) due to improper input neutralization during web page generation in versions up to 5.2.3. The vulnerability affects WP Flow Plus and can be mitigated by upgrading to version 5.2.4 or later, per Patchstack and related sources. The CVE...

6.5CVSS5.9AI score0.00231EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/10/24 12:38 p.m.•20 views

CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.9AI score0.00231EPSS

Exploits0References1

Cvelist•added 2024/10/24 12:38 p.m.•21 views

CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00231EPSS

Exploits0References1

OSV•added 2024/09/15 8:15 a.m.•0 views

CVE-2024-45457

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13...

5.4CVSS5.8AI score0.00177EPSS

Exploits0References1

NVD•added 2024/09/15 8:15 a.m.•11 views

CVE-2024-45457

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through = 4.9.13...

6.5CVSS0.00177EPSS

Exploits0References1

OSV•added 2024/09/15 8:15 a.m.•1 views

CVE-2024-45458

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13...

6.1CVSS5.8AI score0.0034EPSS

Exploits0References1

CVE•added 2024/09/15 7:43 a.m.•36 views

CVE-2024-45457

CVE-2024-45457 affects Spiffy Calendar plugin for WordPress (versions through 4.9.13). The vulnerability is a Stored XSS due to improper input neutralization during web page generation. Public records from Patchstack and Red Hat confirm this, listing the affected range as up to 4.9.13 and noting ...

6.5CVSS5.9AI score0.00177EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by