CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-12307

Malicious code in bioql PyPI...

5.9CVSS6.8AI score0.00103EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-3808

Malicious code in bioql PyPI...

5.4CVSS8.9AI score0.00235EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-52425

Malicious code in bioql PyPI...

7.1CVSS9AI score0.00197EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-9486

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00669EPSS

Exploits0References2

OSSF Malicious Packages•added 2025/09/09 4:25 p.m.•3 views

Malicious code in vui-vform (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score

Exploits0

OSV•added 2025/09/09 4:25 p.m.•1 views

MAL-2025-47128 Malicious code in vui-vform (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score

Exploits0

RedhatCVE•added 2025/05/23 12:0 p.m.•4 views

CVE-2025-24604

Missing Authorization vulnerability in Vikas Ratudi VPSUForm v-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VPSUForm: from n/a through = 3.0.5...

5.4CVSS7.2AI score0.00235EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 11:31 p.m.•4 views

CVE-2025-46250

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VPSUForm v-form allows Stored XSS.This issue affects VPSUForm: from n/a through = 3.1.14...

5.9CVSS7.2AI score0.00103EPSS

Exploits0References1

OSV•added 2025/04/22 10:15 a.m.•0 views

CVE-2025-46250

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14...

4.8CVSS5.8AI score0.00103EPSS

Exploits0References1

NVD•added 2025/04/22 10:15 a.m.•3 views

CVE-2025-46250

5.9CVSS0.00103EPSS

Exploits0References1

CVE•added 2025/04/22 9:53 a.m.•44 views

CVE-2025-46250

CVE-2025-46250 affects the WordPress plugin VForm (versions up to 3.1.14). The flaw is an improper input neutralization during web page generation, resulting in a Stored Cross‑Site Scripting (XSS) vulnerability. Impact: injected scripts could execute in other users’ browsers when a page containin...

5.9CVSS7.2AI score0.00103EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/04/22 9:53 a.m.•9 views

CVE-2025-46250 WordPress VForm plugin <= 3.1.14 - Cross Site Scripting (XSS) Vulnerability

5.9CVSS0.00103EPSS

Exploits0References1

Vulnrichment•added 2025/04/22 9:53 a.m.•7 views

CVE-2025-46250 WordPress VForm <= 3.1.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14...

5.9CVSS6.9AI score0.00103EPSS

Exploits0References1

CNNVD•added 2025/04/22 12:0 a.m.•1 views

WordPress plugin VForm 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

5.9CVSS6.2AI score0.00103EPSS

Exploits0References1

Positive Technologies•added 2025/04/22 12:0 a.m.•2 views

PT-2025-17514 · Vform · Vform

Name of the Vulnerable Software and Affected Versions: VForm versions 3.1.14 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious...

5.9CVSS6.2AI score0.00103EPSS

Exploits0References6

RedhatCVE•added 2025/04/03 9:41 p.m.•2 views

CVE-2025-30778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VPSUForm v-form allows Reflected XSS.This issue affects VPSUForm: from n/a through = 3.1.9...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

NVD•added 2025/04/01 9:15 p.m.•3 views

CVE-2025-30778

7.1CVSS0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/01 8:58 p.m.•9 views

CVE-2025-30778 WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00669EPSS

Exploits0References1

CVE•added 2025/04/01 8:58 p.m.•43 views

CVE-2025-30778

CVE-2025-30778 is a reflected XSS in the WordPress plugin Lifetime free Drag & Drop Contact Form Builder for WordPress VForm . The vulnerability arises from improper neutralization of input during web page generation, enabling an attacker to inject malicious scripts via crafted input that is refl...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 8:58 p.m.•4 views

CVE-2025-30778 WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.3AI score0.00669EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by