CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nuclei•added 18 hours ago•8 views

WordPress FluentCRM <= 2.9.87 - Unauthenticated Blind SSRF

FluentCRM WordPress plugin = 2.9.87 contains a blind server-side request forgery caused by improper validation of the 'SubscribeURL' parameter, letting unauthenticated attackers make arbitrary web requests, exploit requires unconfigured SES bounce handling key. id: CVE-2026-7798 info: name:...

5.4CVSS5.5AI score0.00878EPSS

Nuclei•added 18 hours ago•22 views

WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read

WooCommerce Designer Pro theme for WordPress = 1.9.28 contains an arbitrary file read vulnerability caused by improper input validation, letting unauthenticated attackers read arbitrary files including sensitive configuration files, exploit requires no authentication. id: CVE-2025-10897 info: nam...

8.6CVSS5.5AI score0.16252EPSS

Nuclei•added 18 hours ago•16 views

ZoomSounds Plugin - Unauthenticated Arbitrary File Upload

ZoomSounds plugin for WordPress contains a file upload vulnerability in savepng.php id: CVE-2021-4449 info: name: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload author: 0xnemian severity: critical description: | ZoomSounds plugin for WordPress contains a file upload vulnerability in...

9.8CVSS7.8AI score0.808EPSS

Exploits2References5

5.3CVSS5.4AI score0.01448EPSS

Stop User Enumeration WordPress plugin - Authentication Bypass

Stop User Enumeration WordPress plugin 1.7.3 contains an authentication bypass caused by URL-encoding the REST API path /wp-json/wp/v2/users/, letting attackers bypass user enumeration restrictions, exploit requires crafted URL encoding. id: CVE-2025-4302 info: name: Stop User Enumeration WordPre...

Exploits1References3

Nuclei•added 18 hours ago•16 views

Responsive Pricing Table <= 5.1.12 - Cross-Site Scripting

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'planicons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

6.4CVSS5.7AI score0.0224EPSS

7.5CVSS7.5AI score0.2163EPSS

Nevma Adaptive Images - Arbitrary File Deletion

Nevma Adaptive Images plugin before 0.6.67 for WordPress contains an arbitrary file deletion caused by unsanitized input in adaptive-images-script.php, letting remote attackers delete arbitrary files, exploit requires sending specific request parameters. id: CVE-2019-14206 info: name: Nevma...

Exploits2References6

Nuclei•added 18 hours ago•9 views

WordPress Calls to Action <=2.4.3 - Authenticated Reflected XSS

Calls to Action plugin before 2.5.1 for WordPress contains stored XSS caused by unsanitized input in open-tab parameter in wp-admin/edit.php and wp-cta-variation-id parameter in ab-testing-call-to-action-example/, letting remote attackers inject arbitrary web script or HTML, exploit requires...

6.1CVSS6.4AI score0.00192EPSS

Exploits3References5

Nuclei•added 18 hours ago•25 views

WordPress Shortcodes Ultimate <= 5.0.0 - Authenticated Remote Code Execution

Shortcodes Ultimate plugin before 5.0.1 for WordPress contains a remote code execution caused by a filter in meta, post, or user shortcode, letting remote attackers execute arbitrary code, exploit requires sending crafted shortcode data. id: CVE-2017-18580 info: name: WordPress Shortcodes Ultimat...

9.8CVSS8.7AI score0.70003EPSS

Exploits1References4

Nuclei•added 18 hours ago•16 views

Download Monitor < 4.4.5 - SQL Injection

The Download Monitor plugin for WordPress is vulnerable to SQL injection via the 'orderby' parameter in versions before 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...

7.2CVSS7.2AI score0.02235EPSS

Exploits5References3

Nuclei•added 18 hours ago•10 views

Sunshine Photo Cart <= 3.2.5 - Reflected Cross-Site Scripting

WP Sunshine Sunshine Photo Cart versions up to 3.2.5 contain a reflected cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft malicious input. id: CVE-2024-43971...

7.1CVSS5.3AI score0.04055EPSS

6.1CVSS6.3AI score0.03224EPSS

GiveWP <= 2.9.7 - Cross-Site Scripting

GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress versions before 2.10.0 is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in the admin Donors page. id: CVE-2021-24213 info: name: GiveWP = 2.9.7 - Cross-Site Scripting author: Shivam Kamboj severity: medium...

Exploits4References3

Nuclei•added 18 hours ago•13 views

GP Premium <= 2.4.0 - Cross-Site Scripting

The GP Premium plugin for WordPress up to 2.4.0 is vulnerable to reflected XSS via the 'message' parameter in inc/verify.php lines 95-101, where a message passed with slactivation=false is URL-decoded and used unsanitized in addsettingserror, allowing XSS payloads to be reflected in admin notices...

6.1CVSS5.3AI score0.0944EPSS

Nuclei•added 18 hours ago•7 views

MyStyle Custom Product Designer <= 3.21.1 - SQL Injection

The MyStyle Custom Product Designer plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.21.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...

9.3CVSS5.7AI score0.05014EPSS

Exploits0References1

Nuclei•added 18 hours ago•7 views

WP-Lister Lite for Amazon <= 2.6.16 - Cross-Site Scripting

The WP-Lister Lite for Amazon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.6.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.1CVSS5.7AI score0.17493EPSS

Nuclei•added 18 hours ago•12 views

Frontend File Manager Plugin <= 23.5 - Unauthenticated Arbitrary Email Sending

Frontend File Manager Plugin WordPress plugin through 23.5 contains an open relay and unauthorized file access vulnerability caused by lack of authentication and security checks, letting unauthenticated attackers send emails and access files, exploit requires no authentication. id: CVE-2026-0829...

5.8CVSS5.4AI score0.02584EPSS

Exploits0References4

Nuclei•added 18 hours ago•10 views

Simple File List < 6.1.13 - Reflected Cross-Site Scripting

Simple File List WordPress plugin \u003C 6.1.13 contains a reflected cross-site scripting caused by unsanitized URL output in an attribute, letting attackers execute malicious scripts in admin browsers, exploit requires victim to be an admin. id: CVE-2024-10146 info: name: Simple File List 6.1.13...

5.4CVSS5.2AI score0.00938EPSS

Exploits1References2

Nuclei•added 18 hours ago•14 views

WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure

Razvan Stanga Varnish/Nginx Proxy Caching = 1.8.3 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted requests. id: CVE-2025-62126 info: name:...

5.3CVSS5.4AI score0.0087EPSS

Nuclei•added 18 hours ago•23 views

WpStickyBar <= 2.1.0 - SQL Injection

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection id: CVE-2024-5765 info: name: WpStickyBar = 2.1.0 - SQL Injection author: theamanrawat severity: high description: | Th...

9.8CVSS5.6AI score0.77392EPSS

Exploits1References3