CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

NCSC•added 2026/05/15 9:27 a.m.•11 views

Vulnerabilities are handled in GitLab through GitLab Inc.

GitLab Inc. has addressed several vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE in various versions, particularly in releases from version 8.3 to 18.11.3. These vulnerabilities concern various components and functions within GitLab, including Jira integration, container...

8.7CVSS5.8AI score0.00064EPSS

Exploits0References1

Patchstack•added 2025/12/08 7:9 p.m.•3 views

WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Flashy Marketing Automation versions = 2.0.8...

4.3CVSS6.8AI score0.00015EPSS

Exploits0Affected Software1

Cvelist•added 2025/12/05 7:26 a.m.•19 views

CVE-2025-12130 WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors <= 2.6.4 - Cross-Site Request Forgery to Vendor Product Deletion

The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendordashboard/product/delete/ endpoint...

4.3CVSS0.00013EPSS

Exploits0References2

Patchstack•added 2025/12/04 10:59 p.m.•2 views

WordPress Torod plugin <= 1.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Torod versions = 1.9...

4.3CVSS6.7AI score0.00011EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/09 12:0 a.m.•2 views

Drupal Gutenberg module < 2.13.0,3.0.0-3.0.4 - Unauthenticated Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF vulnerability discovered by Mingsong in WordPress Module Gutenberg versions 2.13.0,3.0.0-3.0.4...

7AI score

Exploits0References1Affected Software1

OSV•added 2023/06/07 2:15 a.m.•1 views

CVE-2021-4373

The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to import settings via forged request granted they can trick a site administrator into performing an action such as...

4.3CVSS5.6AI score

Exploits0References3

Packet Storm•added 2015/01/12 12:0 a.m.•38 views

WordPress Pods 2.4.3 CSRF / Cross Site Scripting

Vulnerability title: Wordpress plugin Pods alert'xss' target="http://localhost"; for i=0; i'; CSRF 2 delete pods plugin data: CSRF 3 deactivate pods and delete data: CSRF 4 enable "roles and capab...

6.8CVSS0.1AI score0.00227EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by