CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2026/02/26 10:42 p.m.•4 views

EUVD-2026-8816

Koa has Host Header Injection via ctx.hostname...

7.5CVSS5.3AI score0.00324EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-27647

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00216EPSS

Exploits0References3

Patchstack•added 2025/09/11 4:25 a.m.•3 views

WordPress Elements Plus! plugin <= 2.16.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Elements Plus! versions = 2.16.4...

6.4CVSS5.6AI score0.00216EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/12/21 8:23 a.m.•2 views

CVE-2024-12588 Shortcodes and extra features for Phlox theme <= 2.17.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Staff Widget

The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Staff widget in all versions up to, and including, 2.17.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS7.4AI score0.00241EPSS

Exploits0References2

Positive Technologies•added 2024/12/21 12:0 a.m.•3 views

PT-2024-39689 · WordPress · Phlox

Name of the Vulnerable Software and Affected Versions: Phlox theme plugin for WordPress versions up to, and including, 2.16.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's aux contact box and aux gmaps shortcodes due to insufficient input sanitization and outpu...

6.4CVSS7.9AI score0.00309EPSS

Exploits0References9

Positive Technologies•added 2024/12/21 12:0 a.m.•6 views

PT-2024-17666 · WordPress · Phlox

Name of the Vulnerable Software and Affected Versions: Shortcodes and extra features for Phlox theme plugin for WordPress versions up to, and including, 2.16.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Staff widget due to insufficient input sanitization and...

6.4CVSS7.8AI score0.00241EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by