CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-28370

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00215EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-30341

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00339EPSS

Exploits0References1

RedhatCVE•added 2025/06/23 8:41 a.m.•7 views

CVE-2025-5034

The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

7.1CVSS6.8AI score0.00215EPSS

Exploits1References1

OSV•added 2025/06/21 6:15 a.m.•4 views

CVE-2025-5034

The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

7.1CVSS5.8AI score0.00215EPSS

Exploits1References1

Cvelist•added 2025/06/21 6:0 a.m.•10 views

CVE-2025-5034 WP File Download < 6.2.6 - Reflected XSS

The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

0.00215EPSS

Exploits1References1

CVE•added 2025/06/21 6:0 a.m.•29 views

CVE-2025-5034

CVE-2025-5034 affects the WordPress WP File Download plugin prior to version 6.2.6. The issue is a Reflected XSS caused by a parameter that is not properly sanitised and escaped before output to the page. Impact is reflected in user input handling and page rendering. The primary mitigation is upg...

7.1CVSS6.3AI score0.00215EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2025/06/21 6:0 a.m.•4 views

CVE-2025-5034 WP File Download < 6.2.6 - Reflected XSS

The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.5AI score0.00215EPSS

Exploits1References1

Positive Technologies•added 2025/06/21 12:0 a.m.•6 views

PT-2025-26495

Name of the Vulnerable Software and Affected Versions: wp-file-download WordPress plugin versions prior to 6.2.6 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the...

7.1CVSS5.8AI score0.00215EPSS

Exploits1References6

CNNVD•added 2025/06/21 12:0 a.m.•4 views

WordPress plugin wp-file-download 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.1CVSS6AI score0.00215EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 10:16 a.m.•8 views

CVE-2024-32539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3...

6.5CVSS5.2AI score0.00339EPSS

Exploits0References1

NVD•added 2024/04/17 9:15 a.m.•15 views

CVE-2024-32539

6.5CVSS6.4AI score0.00339EPSS

Exploits0References1

CVE•added 2024/04/17 8:32 a.m.•63 views

CVE-2024-32539

Technical details about CVE-2024-32539 are not provided in the connected documents. Public information here is limited to the basic description; monitor for updates.

6.5CVSS5.2AI score0.00339EPSS

Exploits0References1

Cvelist•added 2024/04/17 8:32 a.m.•40 views

CVE-2024-32539 WordPress WP File Download Light plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.6AI score0.00339EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by