CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

89 matches found

RedhatCVE•added 2025/11/05 5:8 a.m.•2 views

CVE-2025-12452

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.8AI score0.00013EPSS

Exploits0References1

Vulnrichment•added 2025/11/04 4:27 a.m.•2 views

CVE-2025-12452 Visit Counter 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.4AI score0.00013EPSS

Exploits0References2

CVE•added 2025/11/04 4:27 a.m.•8 views

CVE-2025-12452

The CVE-2025-12452 entry concerns the WordPress Visit Counter plugin (v1.0). It is affected by Cross-Site Request Forgery due to missing or incorrect nonce validation on widgets.php, enabling unauthenticated attackers to trigger settings updates and inject malicious scripts by persuading a site a...

6.1CVSS5.4AI score0.00013EPSS

Exploits0References2

Cvelist•added 2025/11/04 4:27 a.m.•5 views

CVE-2025-12452 Visit Counter 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS0.00013EPSS

Exploits0References2

CNNVD•added 2025/11/04 12:0 a.m.•2 views

WordPress plugin Visit Counter 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

6.1CVSS6.1AI score0.00013EPSS

Exploits0References2

Positive Technologies•added 2025/11/04 12:0 a.m.•2 views

PT-2025-44961

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-4129

Malware in sbrugna...

5CVSS6.4AI score0.04072EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-2551

Malware in sbrugna...

7.5CVSS6.4AI score0.00404EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-24771

Malicious code in bioql PyPI...

7.1CVSS4.6AI score0.00051EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-49395

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00156EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-29920

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.0037EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-32423

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00154EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-55172

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/08/16 11:25 a.m.•1 views

CVE-2025-49065

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through = 1.0...

7.1CVSS5.9AI score0.00051EPSS

Exploits0References1

NVD•added 2025/08/14 11:15 a.m.•1 views

CVE-2025-49065

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through = 1.0...

7.1CVSS0.00051EPSS

Exploits0References1

Cvelist•added 2025/08/14 10:34 a.m.•7 views

CVE-2025-49065 WordPress Visit Counter Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through = 1.0...

7.1CVSS0.00051EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•1 views

CVE-2025-49065 WordPress Visit Counter Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter allows Stored XSS. This issue affects Visit Counter: from n/a through 1.0...

7.1CVSS6.9AI score0.00051EPSS

Exploits0References1

Positive Technologies•added 2025/08/14 12:0 a.m.•1 views

PT-2025-33194 · Unknown · Bestiadurmiente Visit Counter

Name of the Vulnerable Software and Affected Versions: BestiaDurmiente Visit Counter versions n/a through 1.0 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: At the moment, there is no information about a newer...

7.1CVSS5.5AI score0.00051EPSS

Exploits0References3

CNNVD•added 2025/08/14 12:0 a.m.•4 views

WordPress plugin Visit Counter Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS5.7AI score0.00051EPSS

Exploits0References1

Patchstack•added 2025/08/07 11:52 a.m.•3 views

WordPress Visit Counter Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Visit Counter versions = 1.0...

7.1CVSS4.2AI score0.00051EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by