CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-30307

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00014EPSS

Exploits0References4

RedhatCVE•added 2025/09/22 7:33 a.m.•3 views

CVE-2025-9882

The osTicket WP Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

6.1CVSS5.3AI score0.00014EPSS

Exploits0References1

CVE•added 2025/09/20 6:43 a.m.•14 views

CVE-2025-9882

This CVE refers to the osTicket WP Bridge plugin for WordPress (

6.1CVSS4.9AI score0.00014EPSS

Exploits0References3

Cvelist•added 2025/09/20 6:43 a.m.•6 views

CVE-2025-9882 osTicket WP Bridge <= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

6.1CVSS0.00014EPSS

Exploits0References3

Positive Technologies•added 2025/09/20 12:0 a.m.•1 views

PT-2025-38634

Name of the Vulnerable Software and Affected Versions osTicket WP Bridge versions up to and including 1.9.2 Description The osTicket WP Bridge plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This allows unauthenticated...

6.1CVSS5.8AI score0.00014EPSS

Exploits0References5

Cvelist•added 2025/04/01 5:32 a.m.•13 views

CVE-2025-31409 WordPress Bridge Core plugin < 3.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Bridge Core allows Stored XSS. This issue affects Bridge Core: from n/a through n/a...

6.5CVSS0.00128EPSS

Exploits0References1

CVE•added 2025/04/01 5:32 a.m.•55 views

CVE-2025-31409

CVE-2025-31409 concerns Bridge Core, where improper neutralization of input during web page generation enables a Stored XSS. Public data show affected software: Bridge Core (before 3.3.1), with patch applied in version 3.3.1. The CVSS-like metrics report vectors such as AV:N/AC:L/PR:L/UI:R/S:C/C:...

6.5CVSS8.6AI score0.00128EPSS

Exploits0References1

Cvelist•added 2025/01/27 2:22 p.m.•9 views

CVE-2025-24744 WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3...

4.3CVSS0.00211EPSS

Exploits0References1

Vulnrichment•added 2025/01/27 2:22 p.m.•3 views

CVE-2025-24744 WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3...

4.3CVSS5.7AI score0.00211EPSS

Exploits0References1

Patchstack•added 2025/01/24 11:47 a.m.•3 views

WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Bridge Core versions = 3.3...

4.3CVSS7AI score0.00211EPSS

Exploits0Affected Software1

Patchstack•added 2023/08/29 12:0 a.m.•9 views

WordPress Bridge Core Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Bridge Core Type Plugin Vulnerable versions = 3.0.9 Fixed in 3.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-40333 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d3de5f78c548 Credits Rafie Muhammad Patchstack Required...

7.1CVSS6.5AI score0.00175EPSS

Exploits0References1Affected Software1

CVE•added 2007/01/04 10:0 p.m.•41 views

CVE-2006-6863

CVE-2006-6863 describes a PHP remote file inclusion in the Enigma2.php file of the Enigma WordPress Bridge (Enigma2 plugin). The vulnerability allows remote code execution via a URL parameter in boarddir, but CVE notes indicate boarddir may be fixed, which affects exploitability. Multiple sources...

10CVSS7.5AI score0.05559EPSS

Exploits1References6Affected Software1

Packet Storm•added 2007/01/02 12:0 a.m.•16 views

enigmawp-rfi.txt

----------------------------------------------- Enigma WordPress Bridge boarddir Remote File Include ----------------------------------------------- Author: xoron ----------------------------------------------- Vuln Code: requireonce$boarddir . '/PortalSources/Portal.ini.php';...

7.4AI score

Exploits0

NVD•added 2006/12/31 5:0 a.m.•9 views

CVE-2006-6863

PHP remote file inclusion vulnerability in the Enigma2 plugin Enigma2.php in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value...

10CVSS7.5AI score0.05559EPSS

Exploits1References6

seebug.org•added 2006/12/31 12:0 a.m.•12 views

Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability

No description provided by source. ----------------------------------------------- Enigma WordPress Bridge boarddir Remote File Include ----------------------------------------------- Author: xoron ----------------------------------------------- Vuln Code: requireonce$boarddir...

7.1AI score

Exploits0

0day.today•added 2006/12/30 12:0 a.m.•29 views

Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ====================================================================== Enigma 2 WordPress Bridge boarddir Remote File Include Vulnerability ======================================================================...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by