CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-17728

Malware in sbrugna...

6.1CVSS6.2AI score0.0019EPSS

Exploits1References3

RedhatCVE•added 2025/05/22 4:4 p.m.•5 views

CVE-2020-25033

The Blubrry subscribe-sidebar aka Subscribe Sidebar plugin 1.3.1 for WordPress allows subscribesidebar.php= reflected XSS...

6.1CVSS7AI score0.0019EPSS

Exploits1

OSV•added 2020/08/31 5:15 a.m.•0 views

CVE-2020-25033

The Blubrry subscribe-sidebar aka Subscribe Sidebar plugin 1.3.1 for WordPress allows subscribesidebar.php&status= reflected XSS...

6.1CVSS5.8AI score

Exploits0References2

NVD•added 2020/08/31 5:15 a.m.•10 views

CVE-2020-25033

The Blubrry subscribe-sidebar aka Subscribe Sidebar plugin 1.3.1 for WordPress allows subscribesidebar.php&status= reflected XSS...

6.1CVSS6.4AI score0.0019EPSS

Exploits1References2

Cvelist•added 2020/08/31 4:6 a.m.•15 views

CVE-2020-25033

The Blubrry subscribe-sidebar aka Subscribe Sidebar plugin 1.3.1 for WordPress allows subscribesidebar.php&status= reflected XSS...

6.4AI score0.0019EPSS

Exploits1References2

CVE•added 2020/08/31 4:6 a.m.•35 views

CVE-2020-25033

The CVE-2020-25033 entry concerns the Blubrry Subscribe Sidebar WordPress plugin (version up to 1.3.1). The issue is a reflected XSS in subscribe_sidebar.php via the status parameter (e.g., ...?page=subscribe_sidebar.php&status=...), allowing script execution. Some sources label the flaw as authe...

6.1CVSS6.3AI score0.0019EPSS

Exploits1References2Affected Software1

WPVulnDB•added 2020/08/31 12:0 a.m.•14 views

Subscribe Sidebar <= 1.3.1 - Authenticated Reflected Cross-Site Scripting

The 'status' GET parameter in subscribesidebar.php, which is displayed in the plugin's option page, is vulnerable to reflected XSS attacks. PoC /wp-admin/options-general.php?page=subscribesidebar.php=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E...

4.3CVSS1.6AI score0.0019EPSS

Exploits1References1Affected Software1

Patchstack•added 2020/08/31 12:0 a.m.•11 views

WordPress Subscribe Sidebar plugin <= 1.3.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability found by ZeroAptitude in WordPress Subscribe Sidebar plugin versions = 1.3.1. Solution 2020-12-28 - we were unable to find a patched version of this plugin. Notice from WordPress.org: "This plugin has been closed as of June 23, 2020 a...

6.1CVSS2.2AI score0.0019EPSS

Exploits1References2Affected Software1

wpexploit•added 2020/08/31 12:0 a.m.•22 views

Subscribe Sidebar <= 1.3.1 - Authenticated Reflected Cross-Site Scripting

The 'status' GET parameter in subscribesidebar.php, which is displayed in the plugin's option page, is vulnerable to reflected XSS attacks. /wp-admin/options-general.php?page=subscribesidebar.php&status=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E...

4.3CVSS1.7AI score0.0019EPSS

Exploits1References1

Positive Technologies•added 2020/08/31 12:0 a.m.•3 views

PT-2020-15901 · Blubrry · Blubrry Subscribe-Sidebar Plugin

Name of the Vulnerable Software and Affected Versions: Blubrry subscribe-sidebar plugin version 1.3.1 Description: The issue allows for reflected XSS in the subscribe-sidebar.php file. This can be exploited through the status parameter. Recommendations: For version 1.3.1, update to a newer versio...

6.1CVSS5.9AI score0.0019EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by