CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-50770

Malicious code in bioql PyPI...

6.1CVSS8.9AI score0.00341EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 8:9 a.m.•4 views

CVE-2024-12323

The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS6.4AI score0.00341EPSS

Exploits0References1

Cvelist•added 2025/01/15 3:23 p.m.•23 views

CVE-2025-22753 WordPress turboSMTP Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in turboSMTP turboSMTP turbosmtp allows Reflected XSS.This issue affects turboSMTP: from n/a through = 4.6...

7.1CVSS0.00322EPSS

Exploits0References1

CVE•added 2025/01/15 3:23 p.m.•46 views

CVE-2025-22753

CVE-2025-22753 describes a Reflected Cross-Site Scripting (XSS) vulnerability in turboSMTP (WordPress plugin). The issue is caused by improper neutralization of input during web page generation, enabling reflected XSS. Affected software is turboSMTP up to version 4.6 (no public details on exact p...

7.1CVSS7.2AI score0.00322EPSS

Exploits0References1

NVD•added 2024/12/10 3:15 p.m.•10 views

CVE-2024-12323

6.1CVSS0.00341EPSS

Exploits0References3

CVE•added 2024/12/10 2:28 p.m.•42 views

CVE-2024-12323

CVE-2024-12323 affects the turboSMTP WordPress plugin (all versions up to 4.6) with a Reflected Cross-Site Scripting via the page parameter caused by insufficient input sanitization and output escaping. Unauthenticated attackers could inject scripts into pages executed when a logged-in user is tr...

6.1CVSS6AI score0.00341EPSS

Exploits0References3

Positive Technologies•added 2024/12/10 12:0 a.m.•2 views

PT-2024-17542 · WordPress · Turbosmtp

Name of the Vulnerable Software and Affected Versions: turboSMTP plugin for WordPress versions up to, and including, 4.6 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This allows unauthenticat...

6.1CVSS6.7AI score0.00341EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by