CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

98 matches found

Patchstack•added 2026/05/01 9:16 a.m.•1 views

WordPress StreamWeasels Twitch Integration plugin <= 1.9.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin StreamWeasels Twitch Integration versions = 1.9.2...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/09 9:31 a.m.•3 views

CVE-2023-25464

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

5.9CVSS5.2AI score0.00207EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-22969

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00163EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-32964

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00393EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-29419

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00207EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-22968

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00163EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-50192

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00233EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-26761

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00197EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-30503

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00175EPSS

Exploits0References1

Cvelist•added 2025/09/06 3:22 a.m.•6 views

CVE-2025-9442 StreamWeasels Kick Integration <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via vodsChannel Parameter

The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘vodsChannel’ parameter in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00066EPSS

Exploits0References4

Vulnrichment•added 2025/09/06 3:22 a.m.•5 views

CVE-2025-9442 StreamWeasels Kick Integration <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via vodsChannel Parameter

The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘vodsChannel’ parameter in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.7AI score0.00066EPSS

Exploits0References4

CVE•added 2025/09/06 3:22 a.m.•14 views

CVE-2025-9442

CVE-2025-9442 : StreamWeasels Kick Integration for WordPress is vulnerable to Stored Cross-Site Scripting via the vodsChannel parameter in all versions up to and including 1.1.5. Exploitation requires authentication at Contributor level or higher, and an injected script runs when a user visits th...

6.4CVSS4.7AI score0.00066EPSS

Exploits0References4

CNNVD•added 2025/09/06 12:0 a.m.•2 views

WordPress plugin StreamWeasels Kick Integration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.4CVSS5.7AI score0.00066EPSS

Exploits0References5

RedhatCVE•added 2025/07/31 5:7 a.m.•4 views

CVE-2025-7810

The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

5.4CVSS6AI score0.00122EPSS

Exploits0References1

RedhatCVE•added 2025/07/31 5:7 a.m.•6 views

CVE-2025-7809

The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.5AI score0.00163EPSS

Exploits0References1

RedhatCVE•added 2025/07/31 5:7 a.m.•7 views

CVE-2025-7811

The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.5AI score0.00163EPSS

Exploits0References1

NVD•added 2025/07/29 4:15 a.m.•4 views

CVE-2025-7811

The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.00163EPSS

Exploits0References3

NVD•added 2025/07/29 4:15 a.m.•1 views

CVE-2025-7809

The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.00163EPSS

Exploits0References3

Cvelist•added 2025/07/29 3:41 a.m.•7 views

CVE-2025-7811 StreamWeasels YouTube Integration <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.00163EPSS

Exploits0References3

Vulnrichment•added 2025/07/29 3:41 a.m.•3 views

CVE-2025-7809 StreamWeasels Twitch Integration <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.5AI score0.00163EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by