CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/11/12 3:46 a.m.•2 views

CVE-2025-11873

The WP BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' shortcode in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

6.4CVSS5AI score0.00032EPSS

Exploits0References1

EUVD•added 2025/11/11 6:30 a.m.•1 views

EUVD-2025-60973

6.4CVSS4.7AI score0.00032EPSS

Exploits0References3

NVD•added 2025/11/11 4:15 a.m.•1 views

CVE-2025-11873

6.4CVSS0.00032EPSS

Exploits0References2

CVE•added 2025/11/11 3:30 a.m.•11 views

CVE-2025-11873

CVE-2025-11873 : WordPress WP BBCode plugin

6.4CVSS4.7AI score0.00032EPSS

Exploits0References2

Vulnrichment•added 2025/11/11 3:30 a.m.•1 views

CVE-2025-11873 WP BBCode <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS4.7AI score0.00032EPSS

Exploits0References2

Positive Technologies•added 2025/11/11 12:0 a.m.•3 views

PT-2025-46260

Name of the Vulnerable Software and Affected Versions WP BBCode plugin for WordPress versions up to and including 1.8.1 Description The WP BBCode plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'url' shortcode. This is due to inadequate input sanitization and output...

6.4CVSS5.2AI score0.00032EPSS

Exploits0References4

RedhatCVE•added 2025/09/13 7:25 a.m.•1 views

CVE-2025-8398

The azurecurve BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' shortcode in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00048EPSS

Exploits0References1

NVD•added 2025/09/11 8:15 a.m.•1 views

CVE-2025-8398

6.4CVSS0.00048EPSS

Exploits0References3