CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue...

0.00203EPSS

Exploits0References1

RedhatCVE•added 2025/06/29 2:26 p.m.•11 views

CVE-2025-53253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through = 4.0.4...

5.9CVSS5.9AI score0.00225EPSS

Exploits0References1

NVD•added 2025/06/27 2:15 p.m.•4 views

CVE-2025-53253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through = 4.0.4...

5.9CVSS0.00225EPSS

Exploits0References1

Vulnrichment•added 2025/06/27 1:21 p.m.•4 views

CVE-2025-53253 WordPress WP Edit plugin <= 4.0.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through = 4.0.4...

5.9CVSS5.9AI score0.00225EPSS

Exploits0References1

Cvelist•added 2025/06/27 1:21 p.m.•12 views

CVE-2025-53253 WordPress WP Edit plugin <= 4.0.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through = 4.0.4...

5.9CVSS0.00225EPSS

Exploits0References1

CVE•added 2025/06/27 1:21 p.m.•17 views

CVE-2025-53253

CVE-2025-53253 maps to WP Edit (WordPress plugin)

5.9CVSS5.9AI score0.00225EPSS

Exploits0References1

CNNVD•added 2025/06/27 12:0 a.m.•4 views

WordPress plugin WP Edit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

5.9CVSS5.8AI score0.00225EPSS

Exploits0References2

Positive Technologies•added 2025/06/27 12:0 a.m.•4 views

PT-2025-27160 · WordPress · Wp Edit

Name of the Vulnerable Software and Affected Versions: WP Edit versions 4.0.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious...

5.9CVSS6.2AI score0.00225EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 5:16 a.m.•7 views

CVE-2023-47528

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sajjad Hossain Sagor WP Edit Username plugin = 1.0.5 versions...

5.9CVSS5.6AI score0.00394EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:15 a.m.•7 views

CVE-2023-47527

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sajjad Hossain Sagor WP Edit Username allows Stored XSS.This issue affects WP Edit Username: from n/a through 1.0.5...

5.9CVSS6.7AI score0.00291EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:23 p.m.•10 views

CVE-2022-2275

The WP Edit Menu WordPress plugin before 1.5.0 does not have CSRF in an AJAX action, which could allow attackers to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack...

4.3CVSS6.8AI score0.00292EPSS

Exploits2References1

NVD•added 2023/12/21 3:15 p.m.•16 views

CVE-2023-47527

5.9CVSS0.00291EPSS

Exploits0References1

Prion•added 2023/12/21 3:15 p.m.•17 views

Cross site scripting

4.9CVSS6.9AI score0.00291EPSS

Exploits0References1Affected Software1

CVE•added 2023/12/21 2:27 p.m.•59 views

CVE-2023-47527

CVE-2023-47527 involves the WP Edit Username WordPress plugin and is a stored cross-site scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affected versions are listed as from n/a through 1.0.5. The connected Red Hat CVE record (RH:CVE-2023-47527) c...

5.9CVSS6.7AI score0.00291EPSS

Exploits0References1Affected Software1

NVD•added 2023/11/14 10:15 p.m.•12 views

CVE-2023-47528

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sajjad Hossain Sagor WP Edit Username plugin = 1.0.5 versions...

5.9CVSS0.00394EPSS

Exploits0References1

Vulnrichment•added 2023/11/14 9:18 p.m.•6 views

CVE-2023-47528 WordPress WP Edit Username Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sajjad Hossain Sagor WP Edit Username plugin = 1.0.5 versions...

5.9CVSS5.4AI score0.00394EPSS

Exploits0References1