CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.5CVSS5.3AI score0.00201EPSS

WordPress plugin WP Nano AD 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CNNVD•added 2026/06/02 12:0 a.m.•5 views

WordPress plugin Remove meta boxes per user role 跨站请求伪造漏洞

4.3CVSS5.3AI score0.00132EPSS

Exploits0References7

Packet Storm•added 2026/06/02 12:0 a.m.•50 views

📄 WordPress OrderConvo 13.5 Path Traversal

Proof of concept exploit that demonstrates a path traversal vulnerability in WordPress OrderConvo plugin version 13.5. Exploit Title: WordPress OrderConvo 14 - Path Traversal Date: 05-31-2026 Exploit Author: Diamorphine Vendor Homepage: https://www.najeebmedia.com/ Software Link:...

7.5CVSS5.8AI score0.03656EPSS

Exploits4

Positive Technologies•added 2026/06/02 12:0 a.m.•16 views

PT-2026-45699

Name of the Vulnerable Software and Affected Versions rognone versions prior to 0.6.3 Description The rognone plugin for WordPress is subject to Reflected Cross-Site Scripting, a flaw where an application includes untrusted data in a web page without proper validation or escaping. This occurs due...

6.1CVSS6AI score0.00204EPSS

Exploits0References6

WordPress plugin Laiser Tag 跨站请求伪造漏洞

CNNVD•added 2026/06/02 12:0 a.m.•8 views

WordPress plugin BirdSeed 跨站请求伪造漏洞

CNNVD•added 2026/06/02 12:0 a.m.•10 views

Exploits0References5

WordPress plugin Google Plus One Bottom 跨站请求伪造漏洞

4.3CVSS5.4AI score0.00128EPSS

CNNVD•added 2026/06/02 12:0 a.m.•5 views

WordPress plugin Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) 跨站脚本漏洞

6.4CVSS5.2AI score0.00181EPSS

Exploits0References3

CNNVD•added 2026/06/02 12:0 a.m.•7 views

WordPress plugin Really Simple Security 安全漏洞

7.5CVSS5.5AI score0.00236EPSS

Exploits0References1

CNNVD•added 2026/06/02 12:0 a.m.•8 views

WordPress plugin hiWeb Migration Simple 跨站脚本漏洞

6.1CVSS5.1AI score0.00208EPSS

Exploits0References3

CNNVD•added 2026/06/02 12:0 a.m.•6 views

WordPress plugin FPW Category Thumbnails 跨站脚本漏洞

6.4CVSS5.1AI score0.00192EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•14 views

PT-2026-45706

Name of the Vulnerable Software and Affected Versions BirdSeed versions prior to 2.2.1 Description The BirdSeed plugin for WordPress is subject to Cross-Site Request Forgery. This occurs because the birdseed plugin settings page function fails to perform nonce validation—a security mechanism used...

Positive Technologies•added 2026/06/02 12:0 a.m.•11 views

Exploits0References9

PT-2026-45705

Name of the Vulnerable Software and Affected Versions Word Replacer versions prior to 0.5 Description Insufficient input sanitization and output escaping allow authenticated attackers with Administrator-level access and above to perform Stored Cross-Site Scripting. This occurs via the replacement...

4.4CVSS5.7AI score0.00246EPSS

Exploits0References13

Positive Technologies•added 2026/06/02 12:0 a.m.•12 views

PT-2026-45713

Name of the Vulnerable Software and Affected Versions Laiser Tag versions prior to 1.2.6 Description The Laiser Tag plugin for WordPress is subject to Cross-Site Request Forgery CSRF, a flaw where an attacker tricks a victim into executing unwanted actions. This occurs due to missing or incorrect...

CNNVD•added 2026/06/02 12:0 a.m.•5 views

Exploits0References8

WordPress plugin ARMember Premium 授权问题漏洞

9.8CVSS5.5AI score0.00419EPSS

Exploits3References2

4.3CVSS5.5AI score0.00153EPSS

WordPress plugin Slider Revolution 安全漏洞

Exploits0References2