Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:34 a.m.5 views

CVE-2017-18554

The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event...

6.1CVSS6AI score0.0021EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2016-1989

Malware in sbrugna...

6.1CVSS6.3AI score0.0019EPSS
Exploits2References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-28067

Malicious code in bioql PyPI...

6.5CVSS5.5AI score0.00181EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/07/19 8:24 a.m.8 views

CVE-2025-6997 ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function

The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trxaddonsgetsvgfromfile function on an...

6.4CVSS0.0008EPSS
Exploits0References2
CVE
CVEadded 2025/07/16 11:28 a.m.13 views

CVE-2025-48345

CVE-2025-48345 : Reflected XSS in the WordPress plugin Contact Form 7 Editor Button (versions ≤ 1.0.0). Root cause is improper input neutralization during web page generation, enabling a reflected payload to run in a victim’s browser. Affected software is the Contact Form 7 Editor Button plugin f...

7.1CVSS5.9AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:33 a.m.2 views

CVE-2015-9420

The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=getsoundcloudplayer id parameter...

6.1CVSS6AI score0.00238EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/04/03 1:27 p.m.4 views

CVE-2025-30616 WordPress Latest Custom Post Type Updates plugin <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Wood Latest Custom Post Type Updates latest-custom-post-type-updates allows Reflected XSS.This issue affects Latest Custom Post Type Updates: from n/a through = 1.3.0...

7.1CVSS7.3AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/03/03 1:30 p.m.3 views

CVE-2025-25161 WordPress WP Find Your Nearest Plugin <= 0.3.1 - CSRF to Settings Change vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through = 0.3.1...

7.1CVSS7.2AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/02/03 2:23 p.m.8 views

CVE-2025-22292 WordPress Powerful Auto Chat plugin <= 1.9.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Felipe Peixoto Powerful Auto Chat powers-triggers-of-woo-to-chat allows Stored XSS.This issue affects Powerful Auto Chat: from n/a through = 1.9.8...

6.5CVSS8.6AI score0.00048EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/24 5:24 p.m.7 views

CVE-2025-24687 WordPress Show/Hide Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lars Wallenborn Show/Hide Shortcode allows Stored XSS. This issue affects Show/Hide Shortcode: from n/a through 1.0.0...

6.5CVSS6.4AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder