CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

RedhatCVE•added 2026/03/26 3:13 p.m.•3 views

CVE-2025-62043

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References1

EUVD•added 2026/03/19 9:30 a.m.•2 views

EUVD-2025-208863

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References2

NVD•added 2026/03/19 9:16 a.m.•1 views

CVE-2025-62043

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS0.00021EPSS

Exploits0References1

CVE•added 2026/03/19 8:25 a.m.•5 views

CVE-2025-62043

CVE-2025-62043: WPCasa WordPress plugin is affected up to version 1.4.1 by a DOM-based XSS due to improper neutralization of input during web page generation. The vulnerability affects WPCasa (and related WPSight/WPCasa references) with a CVSS v3.1 base score of 6.5 (Medium) and requires user int...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 8:25 a.m.•3 views

CVE-2025-62043

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References2

Cvelist•added 2026/03/19 8:25 a.m.•20 views

CVE-2025-62043 WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS0.00021EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 8:25 a.m.•2 views

CVE-2025-62043 WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References1

CNNVD•added 2026/03/19 12:0 a.m.•2 views

WordPress plugin WPCasa 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.7AI score0.00021EPSS

Exploits0References1

Positive Technologies•added 2026/03/19 12:0 a.m.•2 views

PT-2026-26270

CVE-2025-62043 Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: f… https://t.co/jx1gWujkMb...

6.5CVSS5.8AI score0.00021EPSS

Exploits0References3

Patchstack•added 2025/10/16 1:32 p.m.•4 views

WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin WPCasa versions = 1.4.1...

6.1AI score0.00021EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-52158

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00392EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-30829

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00192EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-11292

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00214EPSS

Exploits0References2

RedhatCVE•added 2025/09/25 2:53 a.m.•1 views

CVE-2025-9321

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and including, 1.4.1. This is due to insufficient input validation and restriction on the 'apirequests' function. This makes it possible for unauthenticated attackers to call arbitrary functions and execute cod...

9.8CVSS6.6AI score0.00192EPSS

Exploits0References1

NVD•added 2025/09/23 5:15 a.m.•3 views

CVE-2025-9321

9.8CVSS0.00192EPSS

Exploits0References3

Cvelist•added 2025/09/23 4:26 a.m.•4 views

CVE-2025-9321 WPCasa <= 1.4.1 - Unauthenticated Code Injection

9.8CVSS0.00192EPSS

Exploits0References3

Vulnrichment•added 2025/09/23 4:26 a.m.•1 views

CVE-2025-9321 WPCasa <= 1.4.1 - Unauthenticated Code Injection

9.8CVSS6.2AI score0.00192EPSS

Exploits0References3

CVE•added 2025/09/23 4:26 a.m.•16 views

CVE-2025-9321

CVE-2025-9321 (WPCasa for WordPress) The WPCasa plugin (WordPress) up to version 1.4.1 is affected by unauthenticated Code Injection due to insufficient input validation in the api_requests function, enabling attackers to call arbitrary functions and execute code. The issue is rated CRITICAL (CVS...

9.8CVSS6.3AI score0.00192EPSS

Exploits0References3

CNNVD•added 2025/09/23 12:0 a.m.•1 views

WordPress plugin WPCasa 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injecti...

9.8CVSS7.6AI score0.00192EPSS

Exploits0References3

Positive Technologies•added 2025/09/23 12:0 a.m.•2 views

PT-2025-39118

Name of the Vulnerable Software and Affected Versions WPCasa plugin for WordPress versions prior to 1.4.2 Description The WPCasa plugin for WordPress is susceptible to Code Injection due to insufficient input validation and restriction on the api requests function. This allows unauthenticated...

9.8CVSS7.1AI score0.00192EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by