CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-40652

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00187EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2946

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00137EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 11:42 a.m.•4 views

CVE-2025-22727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms mailchimp-subscribe-sm allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through = 4.1...

6.5CVSS7.2AI score0.00137EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:38 a.m.•5 views

CVE-2024-43211

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through 4.0.9.9...

5.9CVSS6.7AI score0.00187EPSS

Exploits0

NVD•added 2025/01/21 2:15 p.m.•11 views

CVE-2025-22727

6.5CVSS0.00137EPSS

Exploits0References1

Cvelist•added 2025/01/21 1:57 p.m.•14 views

CVE-2025-22727 WordPress MailChimp Subscribe Form plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00137EPSS

Exploits0References1

Positive Technologies•added 2025/01/21 12:0 a.m.•2 views

PT-2025-4652 · Unknown · Pluginops Mailchimp Subscribe Forms

Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Forms versions prior to 4.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means an attacker can inject...

6.5CVSS9.1AI score0.00137EPSS

Exploits0References5

CNNVD•added 2025/01/21 12:0 a.m.•1 views

WordPress plugin MailChimp Subscribe Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00137EPSS

Exploits0References2

ATTACKERKB•added 2024/11/01 3:15 p.m.•4 views

CVE-2024-43211

5.9CVSS5.2AI score0.00187EPSS

Exploits0References2

CVE•added 2024/11/01 2:17 p.m.•32 views

CVE-2024-43211

CVE-2024-43211 is a Stored XSS vulnerability in the WordPress plugin MailChimp Subscribe Forms (versions up to and including 4.0.9.9; affected versions are listed as n/a through 4.0.9.9). The issue stems from improper neutralization of input during web page generation. Impact is described as cros...

5.9CVSS5.7AI score0.00187EPSS

Exploits0References1

Vulnrichment•added 2024/11/01 2:17 p.m.•12 views

CVE-2024-43211 WordPress MailChimp Subscribe Form plugin <=4.0.9.9 - Stored Cross-Site Scripting vulnerability

5.9CVSS5.7AI score0.00187EPSS

Exploits0References1

CNNVD•added 2024/11/01 12:0 a.m.•0 views

WordPress plugin MailChimp Subscribe Forms 跨站脚本漏洞

5.9CVSS6AI score0.00187EPSS

Exploits0References1

Positive Technologies•added 2024/11/01 12:0 a.m.•2 views

PT-2024-30374 · Pluginops · Pluginops Mailchimp Subscribe Forms

Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Forms versions n/a through 4.0.9.9 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

5.9CVSS5.3AI score0.00187EPSS

Exploits0References3

Vulnrichment•added 2024/10/10 2:6 a.m.•15 views

CVE-2024-8477 Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) <= 3.1.87 - Cross-Site Request Forgery

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo formely Sendinblue plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. This is due to missing or incorrect nonce validation on the Init function. This makes it possible fo...

4.3CVSS6.5AI score0.00213EPSS

Exploits0References2

ATTACKERKB•added 2024/08/26 9:15 p.m.•3 views

CVE-2024-43287

Cross-Site Request Forgery CSRF vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82...

8.8CVSS5.1AI score0.0013EPSS

Exploits0References2

OSV•added 2024/08/26 9:15 p.m.•0 views

CVE-2024-43287

8.8CVSS5.8AI score

Exploits0References1

CVE•added 2024/08/26 8:46 p.m.•48 views

CVE-2024-43287

CVE-2024-43287 is a CSRF vulnerability in Brevo (Sendinblue) WordPress plugin forms (Newsletter, SMTP, Email marketing and Subscribe forms). The vulnerability affects Brevo forms up to version 3.1.82. The connected PT security entry recommends upgrading to 3.1.83 as the remediation. Other sources...

8.8CVSS7AI score0.0013EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/08/09 11:3 a.m.•2 views

WordPress MailChimp Subscribe Form plugin <= 4.0.9.7 - Stored Cross-Site Scripting vulnerability

Stored Cross-Site Scripting vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin MailChimp Subscribe Forms versions = 4.0.9.7...

5.9CVSS5.8AI score0.00187EPSS

Exploits0Affected Software1

Patchstack•added 2024/08/09 12:0 a.m.•10 views

WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.9 is vulnerable to Cross Site Scripting (XSS)

Software MailChimp Subscribe Forms Type Plugin Vulnerable versions = 4.0.9.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43211 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b6921b6bb1b6 Credits Steven Julian Required...

5.9CVSS5.8AI score0.00187EPSS

Exploits0References2Affected Software1

OSV•added 2024/06/04 2:15 p.m.•0 views

CVE-2024-35668

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/...

6.1CVSS5.8AI score0.00167EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by