CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

226 matches found

Tenable Nessus•added 2026/03/12 12:0 a.m.•1 views

SAP Netweaver Visual Composer Unrestricted File Upload (3084487)

SAP NetWeaver Visual Composer 7.0 RT versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of th...

9.9CVSS7.3AI score0.83963EPSS

Exploits1References2

CVE•added 2026/02/20 3:46 p.m.•7 views

CVE-2025-69390

CVE-2025-69390 affects the WordPress plugin 'Business Template Blocks for WPBakery (Visual Composer) Page Builder' (templates-and-addons-for-wpbakery-page-builder). It is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affec...

7.1CVSS5.5AI score0.00045EPSS

Exploits0References1

CNNVD•added 2026/02/20 12:0 a.m.•3 views

WordPress plugin Business Template Blocks for WPBakery (Visual Composer) Page Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

7.1CVSS5.6AI score0.00045EPSS

Exploits0References1

CNNVD•added 2026/02/20 12:0 a.m.•4 views

WordPress plugin Extensive VC Addons for WPBakery page builder 安全漏洞

8.1CVSS5.8AI score0.00056EPSS

Exploits0References1

Packet Storm•added 2026/02/18 12:0 a.m.•116 views

📄 SAP NetWeaver 7.50 Visual Composer Metadata Shell Upload

SAP NetWeaver Visual Composer contains an unauthenticated file upload vulnerability in the metadata uploader component that allows attackers to upload arbitrary files including JSP web shells and WAR applications, leading to remote code execution on the SAP server. The vulnerability exists in the...

10CVSS9.3AI score0.43664EPSS

Exploits18

Patchstack•added 2026/02/10 12:26 p.m.•2 views

WordPress Business Template Blocks for WPBakery (Visual Composer) Page Builder plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Business Template Blocks for WPBakery Visual Composer Page Builder versions = 1.3.2...

7.1CVSS5.4AI score0.00045EPSS

Exploits0Affected Software1

ATTACKERKB•added 2026/01/23 2:29 p.m.•1 views

CVE-2026-24594

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through = 3.9.4...

4.8CVSS5.9AI score0.00017EPSS

Exploits0References2

GithubExploit•added 2026/01/12 5:30 p.m.•185 views

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324 Proof-of-Concept 0day for SAP NetWeaver created...

10CVSS7.5AI score0.66352EPSS

Exploits19

NVD•added 2025/12/24 1:16 p.m.•1 views

CVE-2025-68574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

5.9CVSS0.00023EPSS

Exploits0References1

CVE•added 2025/12/24 1:10 p.m.•3 views

CVE-2025-68574

CVE-2025-68574 affects Innovs WPBakery Visual Composer WHMCS Elements (void-visual-whmcs-element) and is linked to versions

5.9CVSS6AI score0.00023EPSS

Exploits0References1

Vulnrichment•added 2025/12/24 1:10 p.m.•1 views

CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability

5.9CVSS6AI score0.00023EPSS

Exploits0References1

CNNVD•added 2025/12/24 12:0 a.m.•1 views

WordPress plugin WPBakery Visual Composer WHMCS Elements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.9CVSS6.1AI score0.00023EPSS

Exploits0References1

Positive Technologies•added 2025/12/24 12:0 a.m.•1 views

PT-2025-53262

Name of the Vulnerable Software and Affected Versions WPBakery Visual Composer WHMCS Elements versions through 1.0.4.3 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for the...

6.1CVSS6.4AI score0.00023EPSS

Exploits0References3

Patchstack•added 2025/12/17 3:36 p.m.•1 views

WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin WPBakery Visual Composer WHMCS Elements versions = 1.0.4.3...

6.1CVSS6.1AI score0.00023EPSS

Exploits0Affected Software1