CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

90 matches found

EUVD•added 2026/03/25 6:31 p.m.•0 views

EUVD-2026-15575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeMakers Car Dealer cardealer allows Reflected XSS.This issue affects Car Dealer: from n/a through = 1.6.7...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References2

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-24391 WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.8AI score0.00045EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-24391

The connected document identifies a concrete vulnerability: WordPress Car Dealer theme versions ≤ 1.6.7 suffers a reflected Cross-Site Scripting (XSS) vulnerability. The issue is caused by input that is reflected back to the user without proper sanitization, enabling an attacker to run arbitrary ...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27859

Name of the Vulnerable Software and Affected Versions ThemeMakers Car Dealer versions n/a through 1.6.7 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, which can lead to reflected cross-site scripting XSS. This allows an attacker to...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References3

RedhatCVE•added 2026/01/07 9:18 a.m.•8 views

CVE-2025-1690

The ThemeMakers Stripe Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stripe' shortcode in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00169EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-9326

Malware in sbrugna...

7.5CVSS7.5AI score0.00663EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-9330

Malware in sbrugna...

7.5CVSS7.5AI score0.00514EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-9324

Malware in sbrugna...

7.5CVSS7.5AI score0.00514EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-9323

Malware in sbrugna...

7.5CVSS7.5AI score0.00663EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-9332

Malware in sbrugna...

7.5CVSS7.5AI score0.00663EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-9325

Malware in sbrugna...

7.5CVSS7.5AI score0.00973EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-25358

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00138EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•8 views

CVE-2025-53299 WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content Composer tmmcontentcomposer allows Object Injection.This issue affects ThemeMakers Visual Content Composer: from n/a through = 1.5.8...

9.8CVSS0.00138EPSS

Exploits0References1

Vulnrichment•added 2025/08/20 8:3 a.m.•2 views

CVE-2025-53299 WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability

9.8CVSS5.2AI score0.00138EPSS

Exploits0References1

CVE•added 2025/08/20 8:3 a.m.•10 views

CVE-2025-53299

CVE-2025-53299 describes a deserialization of untrusted data vulnerability in ThemeMakers Visual Content Composer (WordPress plugin) that enables PHP object injection. Affected versions are up to 1.5.8 (inclusive); the root cause is deserializing untrusted data, which can lead to object injection...

9.8CVSS5.9AI score0.00138EPSS

Exploits0References1

CNNVD•added 2025/08/20 12:0 a.m.•1 views

WordPress plugin ThemeMakers Visual Content Composer 代码问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

9.8CVSS6.5AI score0.00138EPSS

Exploits0References2

Positive Technologies•added 2025/08/20 12:0 a.m.•3 views

PT-2025-33978 · Thememakers · Visual Content Composer

Name of the Vulnerable Software and Affected Versions: ThemeMakers Visual Content Composer versions through 1.5.8 Description: ThemeMakers Visual Content Composer is susceptible to object injection due to the deserialization of untrusted data. Recommendations: Update ThemeMakers Visual Content...

9.8CVSS6.7AI score0.00138EPSS

Exploits0References4

Patchstack•added 2025/08/19 11:14 a.m.•4 views

WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Bonds in WordPress Plugin ThemeMakers Visual Content Composer versions = 1.5.8...

9.8CVSS7AI score0.00138EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/25 1:19 p.m.•6 views

CVE-2025-39480

Deserialization of Untrusted Data vulnerability in ThemeMakers Car Dealer cardealer allows Object Injection.This issue affects Car Dealer: from n/a through 1.6.8...

9.8CVSS7.2AI score0.00369EPSS

Exploits0References1

NVD•added 2025/05/23 1:15 p.m.•4 views

CVE-2025-39480

Deserialization of Untrusted Data vulnerability in ThemeMakers Car Dealer cardealer allows Object Injection.This issue affects Car Dealer: from n/a through 1.6.8...

9.8CVSS0.00369EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by