CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

79 matches found

CNVD•added 2025/12/16 12:0 a.m.•3 views

WordPress Video Merchant Cross-Site Request Forgery Vulnerability

WordPress Video Merchant is a once-existing WordPress plugin that is mainly used for managing and displaying video content. WordPress Video Merchant suffers from a cross-site request forgery vulnerability that stems from missing or incorrect random number validation, which can be exploited by an...

8.8CVSS7AI score0.00119EPSS

Exploits0References1

Patchstack•added 2025/12/10 2:43 a.m.•4 views

WordPress Video Merchant plugin <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Ala Arfaoui in WordPress Plugin Video Merchant versions = 5.0.4...

8.8CVSS6.7AI score0.00119EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-3413

Malware in sbrugna...

7.5CVSS6.4AI score0.00713EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-15761

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00535EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-43301

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00355EPSS

Exploits0References1

Patchstack•added 2025/09/30 12:5 a.m.•3 views

WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Video Gallery by Huzzaz versions = 10.5...

5.4CVSS6.1AI score0.0003EPSS

Exploits0Affected Software1

Vulnrichment•added 2025/08/20 8:3 a.m.•1 views

CVE-2025-53212 WordPress Revolution Video Player With Bottom Playlist <= 2.9.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Revolution Video Player With Bottom Playlist revolution-video-player allows Reflected XSS.This issue affects Revolution Video Player With Bottom Playlist: from n/a through = 2.9.2...

7.1CVSS5.9AI score0.00047EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•7 views

CVE-2025-53559 WordPress Universal Video Player - Addon for WPBakery Page Builder <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for...

7.1CVSS0.00047EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 6:22 p.m.•2 views

CVE-2025-52771 WordPress Video Expander Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bcupham Video Expander video-expander allows Stored XSS.This issue affects Video Expander: from n/a through = 1.0...

6.5CVSS5.2AI score0.00051EPSS

Exploits0References1

Cvelist•added 2025/08/14 6:22 p.m.•8 views

CVE-2025-52771 WordPress Video Expander Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bcupham Video Expander video-expander allows Stored XSS.This issue affects Video Expander: from n/a through = 1.0...

6.5CVSS0.00051EPSS

Exploits0References1

CVE•added 2025/07/04 11:17 a.m.•16 views

CVE-2025-52831

CVE-2025-52831: Video List Manager for WordPress is affected (versions

9.3CVSS5.9AI score0.00232EPSS

Exploits0References1

Vulnrichment•added 2025/07/04 11:17 a.m.•2 views

CVE-2025-52831 WordPress Video List Manager <= 1.7 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in thanhtungtnt Video List Manager allows SQL Injection. This issue affects Video List Manager: from n/a through 1.7...

9.3CVSS7AI score0.00232EPSS

Exploits0References1

Vulnrichment•added 2025/06/17 3:1 p.m.•2 views

CVE-2025-30988 WordPress Elite Video Player plugin <= 10.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMedia Elite Video Player elite-video-player allows Stored XSS.This issue affects Elite Video Player: from n/a through = 10.0.5...

7.1CVSS5.8AI score0.00185EPSS

Exploits0References1

Vulnrichment•added 2025/06/06 12:54 p.m.•6 views

CVE-2025-49429 WordPress Video Embeds <= 0.1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Burnette Video Embeds allows Stored XSS. This issue affects Video Embeds: from n/a through 0.1.1...

6.5CVSS6.9AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:3 a.m.•3 views

CVE-2024-49231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through = 1.0...

6.5CVSS5.9AI score0.00355EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:40 a.m.•5 views

CVE-2023-0418

The Video Central for WordPress plugin through 1.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.2AI score0.00285EPSS

Exploits2References1

RedhatCVE•added 2025/05/21 8:23 p.m.•3 views

CVE-2025-39409

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0...

7.1CVSS8.6AI score0.00535EPSS

Exploits0References1

NVD•added 2025/05/19 7:15 p.m.•5 views

CVE-2025-39409

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0...

7.1CVSS0.00535EPSS

Exploits0References1

CVE•added 2025/05/19 7:3 p.m.•32 views

CVE-2025-39409

CVE-2025-39409 describes a reflected Cross-Site Scripting (XSS) in the WordPress plugin “WordPress Video Robot – The Ultimate Video Importer” from version 1.20.0 and earlier. The CVE record notes improper input handling during web page generation, enabling injection of scripts. CVSS v3.1 vector i...

7.1CVSS8.6AI score0.00535EPSS

Exploits0References1

Vulnrichment•added 2025/05/19 7:3 p.m.•4 views

CVE-2025-39409 WordPress WordPress Video Robot - The Ultimate Video Importer plugin <= 1.20.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0...

7.1CVSS7AI score0.00535EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by