CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-23228

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00144EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 12:59 p.m.•6 views

CVE-2024-25926

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1...

7.1CVSS8.7AI score0.00144EPSS

Exploits0References1

NVD•added 2024/03/27 6:15 a.m.•7 views

CVE-2024-25926

7.1CVSS6.9AI score0.00144EPSS

Exploits0References1

Cvelist•added 2024/03/27 5:44 a.m.•16 views

CVE-2024-25926 WordPress Widgets Controller plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

7.1CVSS7.1AI score0.00144EPSS

Exploits0References1

Vulnrichment•added 2024/03/27 5:44 a.m.•11 views

CVE-2024-25926 WordPress Widgets Controller plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

7.1CVSS6.9AI score0.00144EPSS

Exploits0References1

CVE•added 2024/03/27 5:44 a.m.•57 views

CVE-2024-25926

CVE-2024-25926 affects the WordPress Widgets Controller plugin (versions <= 1.1). The vulnerability is an Unauthenticated Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation, enabling reflected XSS. Public sources consistently describe this as a WordPr...

7.1CVSS8.7AI score0.00144EPSS

Exploits0References1

CNNVD•added 2024/03/27 12:0 a.m.•0 views

WordPress Plugin Widgets Controller 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

7.1CVSS7AI score0.00144EPSS

Exploits0References2

Positive Technologies•added 2024/03/26 12:0 a.m.•2 views

PT-2024-21219 · Indianic · Indianic Widgets Controller

Name of the Vulnerable Software and Affected Versions: IndiaNIC Widgets Controller versions 1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker...

7.1CVSS9.3AI score0.00144EPSS

Exploits0References4

Patchstack•added 2024/02/15 12:0 a.m.•9 views

WordPress Widgets Controller Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Widgets Controller Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25926 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c79441001d3 Credits Dimas Maulana Required privilege...

7.1CVSS6.5AI score0.00144EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by