CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

RedhatCVE•added 2025/04/25 4:11 p.m.•5 views

CVE-2025-22796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in platcom WP-Asambleas wp-asambleas allows Reflected XSS.This issue affects WP-Asambleas: from n/a through = 2.85.0...

7.1CVSS5.9AI score0.00161EPSS

Exploits0References1

Positive Technologies•added 2025/02/24 12:0 a.m.•2 views

PT-2025-7727 · WordPress · Wp-Asambleas

Name of the Vulnerable Software and Affected Versions: WP-Asambleas versions 2.85.0 and earlier Description: The issue is related to a Missing Authorization vulnerability in WP-Asambleas, which allows exploitation due to incorrectly configured access control security levels. Recommendations: For...

4.8CVSS9.4AI score0.00128EPSS

Exploits0References3

Positive Technologies•added 2025/02/18 12:0 a.m.•2 views

PT-2025-6574 · WordPress · Wp-Asambleas

Name of the Vulnerable Software and Affected Versions: WP-Asambleas plugin for WordPress versions up to, and including, 2.85.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'polls popup' shortcode due to insufficient input sanitization and output escaping on...

6.4CVSS8AI score0.00149EPSS

Exploits0References7