CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Denis Cherniatev ShMapper by Teplitsa shmapper-by-teplitsa allows Stored XSS.This issue affects ShMapper by Teplitsa: from n/a through = 1.5.0...

5.9CVSS7.2AI score0.00057EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:2 a.m.•5 views

CVE-2023-27450

Unauth. Stored Cross-Site Scripting XSS vulnerability in Teplitsa of social technologies Leyka plugin = 3.29.2 versions...

7.1CVSS5.6AI score0.00105EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:2 a.m.•3 views

CVE-2023-27442

Cross-Site Request Forgery CSRF vulnerability in Teplitsa of social technologies Leyka plugin = 3.29.2 versions...

8.8CVSS7.1AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:41 a.m.•6 views

CVE-2023-39314

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Teplitsa of social technologies Leyka plugin = 3.30.2 versions...

7.1CVSS5.9AI score0.00104EPSS

Exploits0

RedhatCVE•added 2025/05/23 3:52 a.m.•2 views

CVE-2023-33327

Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows Privilege Escalation.This issue affects Leyka: from n/a through 3.30.2...

8.8CVSS6.9AI score0.00365EPSS

Exploits0References1

NVD•added 2025/01/24 6:15 p.m.•7 views

CVE-2025-24674

5.9CVSS0.00057EPSS

Exploits0References1

Patchstack•added 2025/01/24 11:47 a.m.•1 views

WordPress ShMapper by Teplitsa Plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khang Duong in WordPress Plugin ShMapper by Teplitsa versions = 1.5.0...

5.9CVSS6.1AI score0.00057EPSS

Exploits0Affected Software1

CNNVD•added 2025/01/24 12:0 a.m.•1 views

WordPress plugin ShMapper by Teplitsa 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS8AI score0.00057EPSS

Exploits0References2

Positive Technologies•added 2025/01/24 12:0 a.m.•1 views

PT-2025-5494 · Teplitsa · Shmapper

Name of the Vulnerable Software and Affected Versions: ShMapper by Teplitsa versions 1.5.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

5.9CVSS5.6AI score0.00057EPSS

Exploits0References3

Vulnrichment•added 2024/12/24 4:22 a.m.•7 views

CVE-2024-12518 shMapper by Teplitsa <= 1.4.18 - Authenticated (Contributor+) Stored Cross-Site Scripting

The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00201EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by