CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

OSV•added 2026/05/22 10:59 a.m.•3 views

SUSE-SU-2026:21786-1 Security update for libzypp

This update for libzypp fixes the following issue - CVE-2026-44933: scan of the Mandatory signature verification plugin support bsc1265223...

8.5CVSS5.8AI score0.00006EPSS

Exploits0References3

ATTACKERKB•added 2026/04/15 1:25 a.m.•0 views

CVE-2026-2834

The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ parameter in all versions up to, and including, 3.32.3 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.9AI score0.00037EPSS

Exploits0References4

Cvelist•added 2026/04/15 1:25 a.m.•24 views

CVE-2026-2834 Age Verification & Identity Verification by Token of Trust <= 3.32.3 - Unauthenticated Stored Cross-Site Scripting via 'description' Parameter

7.2CVSS0.00037EPSS

Exploits0References3

Vulnrichment•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-32497 WordPress User Verification plugin <= 2.0.45 - Email Verification Bypass vulnerability

Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through = 2.0.45...

5.8AI score0.00045EPSS

Exploits0References1

Patchstack•added 2026/03/23 2:36 p.m.•3 views

WordPress User Verification plugin <= 2.0.45 - Email Verification Bypass vulnerability

Email Verification Bypass vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin User Verification versions = 2.0.45...

5.3CVSS5.8AI score0.00045EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/02/19 7:28 a.m.•3 views

CVE-2026-1072

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

4.3CVSS5.3AI score0.00007EPSS

Exploits0References1

Vulnrichment•added 2026/02/18 5:29 a.m.•3 views

CVE-2026-1072 Keybase.io Verification <= 1.4.5 - Cross-Site Request Forgery to Settings Update

4.3CVSS5.3AI score0.00007EPSS

Exploits0References4

Patchstack•added 2026/02/17 11:55 p.m.•4 views

WordPress Keybase.io Verification plugin <= 1.4.5 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Keybase.io Verification versions = 1.4.5...

4.3CVSS5.5AI score0.00007EPSS

Exploits0References1Affected Software1

CVE•added 2025/10/15 8:26 a.m.•14 views

CVE-2025-9967

CVE-2025-9967 concerns the WordPress plugin Orion SMS OTP Verification. The vulnerability is an authentication bypass enabling privilege escalation via account takeover in versions

9.8CVSS6.3AI score0.00187EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 5:10 a.m.•9 views

CVE-2023-32514

Cross-Site Request Forgery CSRF vulnerability in Himanshu Parashar Google Site Verification plugin using Meta Tag.This issue affects Google Site Verification plugin using Meta Tag: from n/a through 1.2...

8.8CVSS8.5AI score0.00098EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:48 a.m.•5 views

CVE-2012-6499

Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirectto parameter...

5.8CVSS7.1AI score0.46403EPSS

Exploits1References1

Vulnrichment•added 2025/05/15 8:7 p.m.•5 views

CVE-2024-6798 DL Verification <= 1.2 - Admin+ Stored XSS

The DL Verification WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00267EPSS

Exploits1References1

Positive Technologies•added 2025/05/15 12:0 a.m.•4 views

PT-2025-21497 · WordPress · Dl Verification Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: DL Verification WordPress plugin versions 1.2 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example,...

4.8CVSS4.6AI score0.00267EPSS

Exploits1References4

OSV•added 2023/11/18 11:15 p.m.•3 views

CVE-2023-32514

8.8CVSS5.8AI score0.00098EPSS

Exploits0References1

CVE•added 2023/11/18 10:24 p.m.•60 views

CVE-2023-32514

CVE-2023-32514 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Google Site Verification plugin using Meta Tag. The vulnerability affects versions up to 1.2 and requires unauthenticated access. Public documentation in Patchstack indicates the vulnerability exists for

8.8CVSS8.5AI score0.00098EPSS

Exploits0References1Affected Software1

OSV•added 2023/05/03 4:15 p.m.•2 views

CVE-2023-23875

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Himanshu Bing Site Verification plugin using Meta Tag plugin = 1.0 versions...

4.8CVSS6.6AI score0.00207EPSS

Exploits0References1

Tenable Nessus•added 2019/05/31 12:0 a.m.•27 views

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1381-1)

This update for rmt-server to version 2.1.4 fixes the following issues : Fix duplicate nginx location in rmt-server-pubcloud bsc1135222 Mirror additional repos that were enabled during mirroring bsc1132690 Make service IDs consistent across different RMT instances bsc1134428 Make SMT data import...

9.8CVSS7.2AI score0.12118EPSS

Exploits3References17

NVD•added 2013/01/12 4:33 a.m.•10 views

CVE-2012-6499

5.8CVSS6.7AI score0.46403EPSS

Exploits1References3

Prion•added 2013/01/12 4:33 a.m.•12 views

Open redirect

5.8CVSS7.1AI score0.46403EPSS

Exploits1References3Affected Software1

CVE•added 2013/01/12 2:0 a.m.•64 views

CVE-2012-6499

CVE-2012-6499 is an open redirect vulnerability affecting the WordPress Age Verification plugin (versions 0.4 and earlier). The issue arises in age-verification.php via the redirect_to parameter, allowing an attacker to steer victims to arbitrary sites (phishing/malware risk). Affected component:...

5.8CVSS6.9AI score0.46403EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by