CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/02/13 9:23 p.m.•2 views

CVE-2025-15157

8.8CVSS5.7AI score0.00316EPSS

Exploits0References3

Cvelist•added 2026/02/13 9:23 p.m.•31 views

CVE-2025-15157 Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults

8.8CVSS0.00316EPSS

Vulnrichment•added 2026/02/13 9:23 p.m.•2 views

CVE-2025-15157 Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults

8.8CVSS5.6AI score0.00316EPSS

CVE•added 2026/02/13 9:23 p.m.•20 views

CVE-2025-15157

The CVE applies to the WordPress plugin Starfish Review Generation & Marketing (WordPress

8.8CVSS5.7AI score0.00316EPSS

CNNVD•added 2026/02/13 12:0 a.m.•6 views

WordPress plugin Starfish Review Generation & Marketing 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6AI score0.00316EPSS

EUVD-2025-97243

Malicious code in latinstarfishz3n npm...

EUVD-2025-103723

Malicious code in muddystarfishz3n npm...

OSV•added 2025/11/11 8:46 p.m.•3 views

MAL-2025-128682 Malicious code in muddy_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7a853c71e79cce10ef8cea94b889c181e11968e3826593a400ecbcde1caf963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

OSSF Malicious Packages•added 2025/11/11 8:46 p.m.•4 views

Malicious code in domestic_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7c5cc0457b67650706742c8c45c9de50517f4e9fda966501eff7a0114ca23a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

OSSF Malicious Packages•added 2025/11/11 8:46 p.m.•4 views

Malicious code in elated_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 184719316679bddbcf31be985b37e9eb09c8f44524ca621bbacbbd9a648c54b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-97988

Malicious code in injuredstarfishz3n npm...

EUVD-2025-99741

Malicious code in domesticstarfishz3n npm...

EUVD-2025-99327

Malicious code in elatedstarfishz3n npm...

EUVD•added 2025/11/11 8:11 p.m.•3 views

EUVD-2025-94902

Malicious code in subtlestarfishz3n npm...

EUVD•added 2025/11/11 8:11 p.m.•4 views

EUVD-2025-96115

Malicious code in obnoxiousstarfishz3n npm...

OSSF Malicious Packages•added 2025/11/11 8:11 p.m.•4 views

Malicious code in distant_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52072f46f8d61441f9fda00a9eb7df8704cb4894c4a0c6fa8808c09719233783 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/11 8:11 p.m.•3 views

EUVD-2025-96448

Malicious code in miniaturestarfishz3n npm...

EUVD•added 2025/11/11 8:11 p.m.•2 views

EUVD-2025-93764

Malicious code in yodellingstarfishz3n npm...