17 matches found
CVE-2026-4031 Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Database Backup Interception
The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wpdbtempdir parameter, which controls where database backups are written. This makes it possible for...
EUVD-2013-6792
Malware in sbrugna...
EUVD-2023-26757
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-22622
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes...
WordPress WP-Cron Status Checker Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)
Software WP-Cron Status Checker Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e78f192bc072 Credits Rafie Muhammad Patchstack...
WordPress WP-Cron Status Checker plugin <= 1.2.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP-Cron Status Checker plugin versions <= 1.2.2. Solution Update the WordPress WP-Cron Status Checker plugin to the latest available version at least 1.2.4...
WordPress WP-Cron Status Checker plugin <= 1.2.2 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP-Cron Status Checker plugin versions <= 1.2.2. Solution Update the WordPress WP-Cron Status Checker plugin to the latest available version at least 1.2.4...
WP Cron DashBoard <= 1.1.5 - Reflected Cross-Site Scripting (XSS)
The WP-Cron Dashboard WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...
Cross-Site Scripting (XSS) in WP-Cron Dashboard Wordpress plugin
Advisory ID: HTB23189 Product: WP-Cron Dashboard Wordpress plugin Vendor: OKAMOTO Wataru Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...
CVE-2013-6991
Cross-site scripting XSS vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php...
Cross site scripting
Cross-site scripting XSS vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php...
CVE-2013-6991
The CVE covers WP-Cron Dashboard WordPress plugin vulnerability (versions ≤ 1.1.5) where the procname parameter submitted to /wp-admin/tools.php is not properly sanitized, allowing reflected XSS in the administrator’s browser. Impact is arbitrary HTML/JavaScript execution within the affected site...
CVE-2013-6991
Cross-site scripting XSS vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php...
WordPress WP-Cron 1.1.5 Cross Site Scripting Vulnerability
WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability. Product: WP-Cron Dashboard Wordpress plugin Vendor: OKAMOTO Wataru Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 5, 2013 without technical detai...
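Wordpress WP-Cron Dashboard plugin cross-site scripting vulnerability
CVE ID: CVE-2013-6991 WordPress is a content management system. Because user-supplied data passed in the "procname" HTTP POST parameter to the "/wp-admin/tools.php" script is not sufficiently filtered, a remote attacker can trick a logged-in administrator into visiting a malicious link and execute arbitrary HTML and script code in the browser in the context of the affected website. 0 Wordpress WP-Cron Dashboard=1.1.5 The vendor has not provided an official update patch; users can apply the unofficial patch: https://www.htbridge.com/advisory/HTB23189-patch.zip The exploitation exampl...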
WordPress WP-Cron 1.1.5 Cross Site Scripting
Advisory ID: HTB23189 Product: WP-Cron Dashboard Wordpress plugin Vendor: OKAMOTO Wataru Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...
Cross-Site Scripting (XSS) in WP-Cron Dashboard Wordpress plugin
High-Tech Bridge Security Research Lab discovered vulnerability in WP-Cron Dashboard Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in WP-Cron Dashboard Wordpress plugin: CVE-2013-6991 The vulnerability exists due to insufficient...