CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

ATTACKERKB•added 2026/03/11 11:9 a.m.•2 views

CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.9AI score0.00139EPSS

Exploits0References6

Patchstack•added 2024/08/26 12:0 a.m.•9 views

WordPress Name Directory Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)

Software Name Directory Type Plugin Vulnerable versions = 1.29.0 Fixed in 1.29.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43938 Patch priority Medium CVSS severity Medium 7.1 Developer Jeroen Peters PSID 00d0c2d9ba55 Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.00297EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/01/23 12:0 a.m.•16 views

WordPress Name Directory Plugin <= 1.27.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Name Directory Type Plugin Vulnerable versions = 1.27.1 Fixed in 1.27.2 OWASP Top 10 A6: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-22692 Patch priority Low CVSS severity Low 4.3 Developer Jeroen Peters PSID 97cd32d13c24 Credits NeginNrb Require...

8.8CVSS6.7AI score0.00106EPSS

Exploits0References2Affected Software1

Patchstack•added 2022/07/04 12:0 a.m.•18 views

WordPress Name Directory plugin <= 1.25.3 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Donato Di Pasquale in WordPress Name Directory plugin versions = 1.25.3. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.25.4...

6.1CVSS3.3AI score0.00107EPSS

Exploits2References1Affected Software1

Patchstack•added 2022/07/04 12:0 a.m.•22 views

WordPress Name Directory plugin <= 1.25.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Donato Di Pasquale in WordPress Name Directory plugin versions = 1.25.2. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.25.3...

6.1CVSS2.2AI score0.0021EPSS

Exploits2References1Affected Software1

Patchstack•added 2021/01/10 12:0 a.m.•19 views

WordPress Name Directory plugin <= 1.17.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Yuta in WordPress Name Directory plugin versions = 1.17.4. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.18...

8.8CVSS4AI score0.00094EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by