CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNNVD•added 2025/11/13 12:0 a.m.•2 views

WordPress plugin WP Plugin Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress WP Manager plugin, which arises from a web application that does not adequately validate that a request is...

6.5CVSS6.4AI score0.00014EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-4520

Malware in sbrugna...

4.3CVSS6.4AI score0.00174EPSS

Exploits1References2

NVD•added 2023/03/27 4:15 p.m.•11 views

CVE-2023-1088

The WP Plugin Manager WordPress plugin before 1.1.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

4.3CVSS4.6AI score0.00106EPSS

Exploits2References1

Prion•added 2023/03/27 4:15 p.m.•11 views

Cross site request forgery (csrf)

4.3CVSS4.6AI score0.00106EPSS

Exploits2References1Affected Software1

CVE•added 2023/03/27 3:37 p.m.•55 views

CVE-2023-1088

CVE-2023-1088 affects WP Plugin Manager for WordPress prior to 1.1.8. The root cause is missing CSRF validation on plugin activation, enabling CSRF attackers to trigger activation of arbitrary plugins by logged-in admins. Public details consistently identify the vulnerable release range and the f...

4.3CVSS4.5AI score0.00106EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/03/27 3:37 p.m.•9 views

CVE-2023-1088 WP Plugin Manager < 1.1.8 - Arbitrary Plugin Activation via CSRF

4.6AI score0.00106EPSS

Exploits2References1

NVD•added 2014/07/02 6:55 p.m.•7 views

CVE-2014-4593

Cross-site scripting XSS vulnerability in wp-plugins-net/index.php in the WP Plugin Manager wppm plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

4.3CVSS5.8AI score0.00174EPSS

Exploits1References1

Prion•added 2014/07/02 6:55 p.m.•12 views

Cross site scripting

4.3CVSS6.2AI score0.00174EPSS

Exploits1References1Affected Software1

Cvelist•added 2014/07/02 6:0 p.m.•17 views

CVE-2014-4593

5.8AI score0.00174EPSS

Exploits1References1

CVE•added 2014/07/02 6:0 p.m.•44 views

CVE-2014-4593

CVE-2014-4593 is a cross-site scripting (XSS) vulnerability in the WP Plugin Manager (WP Plugin Manager) plugin for WordPress, specifically in wp-plugins-net/index.php up to version 1.6.4.b. The flaw allows remote attackers to inject arbitrary web script or HTML via the filter parameter. Connecte...

4.3CVSS6AI score0.00174EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by