CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through = 4.9.3...

7.1CVSS5.9AI score0.00222EPSS

Exploits0References1

NVD•added 2025/06/27 12:15 p.m.•3 views

CVE-2025-28988

7.1CVSS0.00222EPSS

Exploits0References1

Vulnrichment•added 2025/06/27 11:52 a.m.•4 views

CVE-2025-28988 WordPress WP Front User Submit / Front Editor plugin <= 4.9.3 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.9AI score0.00222EPSS

Exploits0References1

CVE•added 2025/06/27 11:52 a.m.•17 views

CVE-2025-28988

CVE-2025-28988 is a reflected Cross-Site Scripting (XSS) in the WordPress plugin WP Front User Submit / Front Editor, affecting versions up to 4.9.3. The issue stems from improper input neutralization during web page generation, enabling a reflected XSS that requires user interaction and has CVSS...

7.1CVSS5.9AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2025/06/23 8:39 a.m.•3 views

CVE-2025-52795

Cross-Site Request Forgery CSRF vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...

7.1CVSS5.9AI score0.00132EPSS

Exploits0References1

NVD•added 2025/06/20 3:15 p.m.•2 views

CVE-2025-52795

7.1CVSS0.00132EPSS

Exploits0References1

CVE•added 2025/06/20 3:3 p.m.•17 views

CVE-2025-52795

CVE-2025-52795 : CSRF in WordPress plugin “WP Front User Submit / Front Editor” affects versions up to 4.9.4. Root cause is CSRF that can trigger actions without proper authorization. CVSS v3.1 base score 7.1 (HIGH): network vector, low attack complexity, user interaction required, no confidentia...

7.1CVSS5.9AI score0.00132EPSS

Exploits0References1

Positive Technologies•added 2025/06/20 12:0 a.m.•4 views

PT-2025-26423 · Unknown · Wp Front User Submit +1

Name of the Vulnerable Software and Affected Versions: aharonyan WP Front User Submit / Front Editor versions through 4.9.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions through 4.9.4, update to a...

7.1CVSS6.2AI score0.00132EPSS

Exploits0References5

RedhatCVE•added 2025/05/09 3:25 p.m.•3 views

CVE-2025-47617

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Stored XSS.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...

5.9CVSS7.2AI score0.00225EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•4 views

CVE-2025-47617

5.9CVSS0.00225EPSS

Exploits0References1

Vulnrichment•added 2025/05/07 2:20 p.m.•8 views

CVE-2025-47617 WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerability

5.9CVSS7.2AI score0.00225EPSS

Exploits0References1

Cvelist•added 2025/05/07 2:20 p.m.•13 views

CVE-2025-47617 WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00225EPSS

Exploits0References1

CVE•added 2025/05/07 2:20 p.m.•42 views

CVE-2025-47617

CVE-2025-47617 concerns a stored XSS in the WordPress plugin "WP Front User Submit / Front Editor" (versions up to 4.9.3). The issue arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Public sources in the initial document confirm the af...

5.9CVSS7.2AI score0.00225EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by