CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-50916

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00363EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 7:56 a.m.•3 views

CVE-2024-12505

The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tsmap' shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00363EPSS

Exploits0References1

Cvelist•added 2025/03/31 9:5 a.m.•11 views

CVE-2025-30961 WordPress Trackserver plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tinuzz Trackserver trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through = 5.1.0...

6.5CVSS0.00204EPSS

Exploits0References1

Vulnrichment•added 2025/03/31 9:5 a.m.•5 views

CVE-2025-30961 WordPress Trackserver plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS7.3AI score0.00204EPSS

Exploits0References1

Patchstack•added 2025/03/31 9:4 a.m.•0 views

WordPress Trackserver plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Trackserver versions = 5.1.0...

6.5CVSS6.1AI score0.00204EPSS

Exploits0Affected Software1

CNNVD•added 2025/03/31 12:0 a.m.•1 views

WordPress plugin Trackserver 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.6AI score0.00204EPSS

Exploits0References1

NVD•added 2025/01/11 3:15 a.m.•2 views

CVE-2024-12505

6.4CVSS0.00363EPSS

Exploits0References5

Vulnrichment•added 2025/01/11 2:20 a.m.•4 views

CVE-2024-12505 Trackserver <= 5.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.8AI score0.00363EPSS

Exploits0References5

CVE•added 2025/01/11 2:20 a.m.•14 views

CVE-2024-12505

CVE-2024-12505 affects Trackserver plugin for WordPress; stored XSS via the tsmap shortcode in all versions up to 5.0.2 due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access (contributor+); an attacker can inject scripts that run...

6.4CVSS5.7AI score0.00363EPSS

Exploits0References5

CNNVD•added 2025/01/11 12:0 a.m.•1 views

WordPress plugin Trackserver 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.8AI score0.00363EPSS

Exploits0References5

Patchstack•added 2025/01/10 9:4 p.m.•1 views

WordPress Trackserver plugin <= 5.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by yudha in WordPress Plugin Trackserver versions = 5.0.2...

6.4CVSS5.7AI score0.00363EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by