CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

266110 matches found

WordPress Post Timeline Plugin < 2.2.6 - Cross-Site Scripting

The Post Timeline WordPress plugin before version 2.2.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape an invalid nonce before outputting it back in an AJAX response, which could allow attackers to execute arbitrary JavaScript code in an...

6.1CVSS7AI score0.00709EPSS

Exploits1References2

NVD•added yesterday•6 views

CVE-2026-11943

Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name...

4.8CVSS

Exploits0References2

Cvelist•added yesterday•27 views

CVE-2026-11943 Akaunting 3.1.21 - Authenticated stored XSS in document timeline

4.8CVSS

Exploits0References2

EUVD•added yesterday•6 views

EUVD-2026-38270

4.8CVSS5.7AI score

Exploits0References2

CVE•added yesterday•10 views

CVE-2026-11943

CVE-2026-11943 affects Akaunting 3.1.21 and is an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name, which can be reflected in the UI. The CVSS4 vector ...

4.8CVSS5.7AI score

Exploits0References2

Circl•added yesterday•4 views

CVE-2026-6645

creationtimestamp| type| source ---|---|--- 2026-06-22 04:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116791877623901189 2026-06-22 04:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mou2gzwtck2t 2026-06-22 04:37:44+00:00| seen|...

7.3CVSS5.8AI score

Exploits0References6

Circl•added 2 days ago•5 views

CVE-2026-12805

creationtimestamp| type| source ---|---|--- 2026-06-21 21:54:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3motedaxnnf23...

7.5CVSS5.8AI score

Exploits0References1

Circl•added 2 days ago•5 views

CVE-2026-12786

creationtimestamp| type| source ---|---|--- 2026-06-21 09:00:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116787277091790305 2026-06-21 11:45:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moscbep5rm2n...

8.5CVSS7.1AI score

Exploits0References2

Circl•added 4 days ago•7 views

CVE-2026-49230

creationtimestamp| type| source ---|---|--- 2026-06-19 15:47:18+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3monoullf4522...

6.3CVSS5.8AI score

Exploits0References1

Circl•added 6 days ago•7 views

CVE-2026-20190

creationtimestamp| type| source ---|---|--- 2026-06-17 18:24:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moiwpw3s7724 2026-06-17 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1928 2026-06-18 13:15:12+00:00| seen|...

7.5CVSS5.8AI score0.00371EPSS

Exploits0References5

Circl•added 6 days ago•8 views

CVE-2026-35306

creationtimestamp| type| source ---|---|--- 2026-06-17 05:04:25+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mohjz6m67e2e 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8 2026-06-18 13:37:06+00:00| seen|...

9.3CVSS4.9AI score0.00353EPSS

Exploits0References3

Circl•added 2026/06/15 10:40 p.m.•7 views

CVE-2026-11850

creationtimestamp| type| source ---|---|--- 2026-06-15 22:40:51+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3moee4eyg372o...

5CVSS4.9AI score0.00261EPSS

Exploits0References1

Circl•added 2026/06/15 10:11 p.m.•9 views

CVE-2026-50560

creationtimestamp| type| source ---|---|--- 2026-06-15 22:11:13+00:00| seen| https://gist.github.com/alon710/b74444b3a1d431dd08f4a234b8c8a8c9...

6.9CVSS5AI score0.00302EPSS

Exploits0References1

RedhatCVE•added 2026/06/11 8:59 a.m.•9 views

CVE-2026-8613

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'titletag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00206EPSS

Exploits0References1

Circl•added 2026/06/11 8:0 a.m.•7 views

CVE-2026-41856

creationtimestamp| type| source ---|---|--- 2026-06-11 08:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnyr3dgend2x 2026-06-11 09:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116730653982449979 2026-06-11 09:00:29+00:00| seen|...

7.5CVSS5AI score0.00394EPSS

Exploits0References4

Circl•added 2026/06/11 12:31 a.m.•8 views

CVE-2026-46669

creationtimestamp| type| source ---|---|--- 2026-06-11 00:31:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxxy6qthc2m...

8.7CVSS5.3AI score0.00226EPSS

Exploits0References1

Circl•added 2026/06/10 8:6 p.m.•7 views

CVE-2026-47939

creationtimestamp| type| source ---|---|--- 2026-06-10 20:06:05+00:00| seen| https://bsky.app/profile/experiencedigest.bsky.social/post/3mnxj4zowxe2u...

5.4CVSS5.3AI score0.00307EPSS

Exploits0References1

Circl•added 2026/06/10 7:3 p.m.•7 views

CVE-2026-0270

creationtimestamp| type| source ---|---|--- 2026-06-10 19:03:20+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3mnxfmtixdo25 2026-06-10 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1917...

7.5CVSS5.3AI score0.00156EPSS

Exploits0References2

Circl•added 2026/06/10 10:54 a.m.•7 views

CVE-2026-8071

creationtimestamp| type| source ---|---|--- 2026-06-10 10:54:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnwkcoeuvv2r 2026-06-10 12:00:21+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnwnyiff372t 2026-06-10 12:00:36+00:00| seen|...

8.8CVSS5.3AI score0.00276EPSS

Exploits0References3

NVD•added 2026/06/10 8:16 a.m.•10 views

CVE-2026-8613

6.4CVSS0.00206EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by