9 matches found
CVE-2025-14110
The WP Js List Pages Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2021-34166
Malicious code in bioql PyPI...
PT-2025-35060
Name of the Vulnerable Software and Affected Versions: WP Easy Contact versions through 4.0.1. Description: Deserialization of untrusted data in WP Easy Contact allows for object injection. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
CVE-2023-0060
The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...
CVE-2025-22640 WordPress Paytm Payment Donation Plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paytm Paytm Payment Donation allows Stored XSS. This issue affects Paytm Payment Donation: from n/a through 2.3.3...
PT-2025-1708 · WordPress · Geo Content
Name of the Vulnerable Software and Affected Versions: Geo Content plugin for WordPress versions up to and including 6.0. Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the geotargetlygeocontent shortcode. This allows...
WordPress WP-FormAssembly plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Khalid (Patchstack Alliance) in WordPress Plugin WP-FormAssembly (versions <= 2.0.10)...
CVE-2023-22711 WordPress IMPress Listings Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <= 2.6.2 versions...
CVE-2016-10926
The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...