CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 10:31 a.m.•4 views

CVE-2017-18566

The user-role plugin before 1.5.6 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.00097EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-12824

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00113EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-40036

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00352EPSS

Exploits0References2

Patchstack•added 2025/02/02 4:8 p.m.•1 views

WordPress User Role plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin User Role versions = 1.0...

7.1CVSS6.1AI score0.00346EPSS

Exploits0Affected Software1

CVE•added 2024/12/31 1:29 p.m.•45 views

CVE-2024-56206

CVE-2024-56206 is a CSRF vulnerability in gap-hub-user-role (WordPress plugin) that allows authentication bypass. Affected: gap-hub-user-role from n/a through 3.4.1. The connected records indicate this CVE as an active issue with patch status reported as Unpatched for the specific entry, and CVSS...

8.8CVSS7.2AI score0.00027EPSS

Exploits0References1

Positive Technologies•added 2023/04/03 12:0 a.m.•3 views

PT-2023-16549 · Bestwebsoft · User Role

Name of the Vulnerable Software and Affected Versions: User Role by BestWebSoft WordPress plugin versions prior to 1.6.7 Description: The issue concerns a lack of protection against Cross-Site Request Forgery CSRF in requests to update role capabilities, leading to arbitrary privilege escalation ...

8.8CVSS9.2AI score0.00113EPSS

Exploits2References6

OSV•added 2022/09/09 3:15 p.m.•2 views

CVE-2022-37403

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Nikhil Vaghela's Add User Role plugin = 0.0.1 at WordPress...

4.8CVSS5.8AI score

Exploits0References2

Cvelist•added 2022/09/09 2:39 p.m.•18 views

CVE-2022-37403 WordPress Add User Role plugin <= 0.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Nikhil Vaghela's Add User Role plugin = 0.0.1 at WordPress...

4.8CVSS5.1AI score0.00352EPSS

Exploits0References2

CNVD•added 2019/08/22 12:0 a.m.•1 views

WordPress user-role plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. user-role is a plug-in for website user management. A cross-site scripting vulnerability exists in the WordPress user-role plugin...

6.1CVSS6.2AI score0.00097EPSS

Exploits1References1

OSV•added 2019/08/20 4:15 p.m.•0 views

CVE-2017-18566

The user-role plugin before 1.5.6 for WordPress has multiple XSS issues...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2019/08/20 4:15 p.m.•8 views

CVE-2017-18566

The user-role plugin before 1.5.6 for WordPress has multiple XSS issues...

6.1CVSS6.1AI score0.00097EPSS

Exploits1References1

CVE•added 2019/08/20 3:2 p.m.•60 views

CVE-2017-18566

The CVE-2017-18566 affects the WordPress plugin “user-role” by BestWebSoft, specifically versions before 1.5.6. The connected data confirms multiple XSS vulnerabilities (CWE-79) in this plugin, with practical impact: authenticated attackers can inject and execute arbitrary JavaScript in victims’ ...

6.1CVSS6AI score0.00097EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by