Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:16 p.m.7 views

CVE-2026-42733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

7.1CVSS5.4AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/27 9:49 a.m.8 views

CVE-2026-42733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/27 9:49 a.m.9 views

CVE-2026-42733 WordPress WPCS plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:5 a.m.5 views

CVE-2024-34418

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

5.9CVSS5.2AI score0.00446EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-28377

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00241EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-37551

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:23 a.m.5 views

CVE-2024-38700

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3...

6.5CVSS7AI score0.00319EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 10:5 a.m.5 views

CVE-2024-30456

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

8.8CVSS8.6AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/03/13 3:48 a.m.7 views

CVE-2025-2169

The The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.5AI score0.00503EPSS
Exploits0References1
CVE
CVEadded 2025/03/11 3:22 a.m.62 views

CVE-2025-2169

CVE-2025-2169 affects WPCS – WordPress Currency Switcher Professional (WordPress plugin) up to version 1.2.0.4. The issue arises from unvalidated input feeding do_shortcode, enabling unauthenticated attackers to execute arbitrary shortcodes. Connected sources confirm the vulnerability and indicat...

7.3CVSS7.8AI score0.00503EPSS
Exploits0References4
NVD
NVDadded 2024/07/12 2:15 p.m.19 views

CVE-2024-38700

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3...

6.5CVSS0.00319EPSS
Exploits0References1
CVE
CVEadded 2024/07/12 2:5 p.m.51 views

CVE-2024-38700

CVE-2024-38700 is a realmag777 WPCS (WPCS) vulnerability: Improper neutralization of output elements used by a downstream component enables unauthenticated code injection via shortcode execution. Affected range is WPCS: n/a through 1.2.0.3. The entry lists this as an Unauthenticated Arbitrary Sho...

6.5CVSS6.9AI score0.00319EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/07/10 12:0 a.m.14 views

WordPress WPCS Plugin <= 1.2.0.3 is vulnerable to Content Injection

Software WPCS Type Plugin Vulnerable versions = 1.2.0.3 Fixed in 1.2.0.4 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-38700 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2b3604018b32 Credits stealthcopter Required privilege Unauthenticat...

6.5CVSS6.8AI score0.00319EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2024/05/14 3:38 p.m.6 views

CVE-2024-34418

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

5.9CVSS6.1AI score0.00446EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/05/09 11:32 a.m.14 views

CVE-2024-34418 WordPress WPCS ( WordPress Custom Search ) plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

5.9CVSS6.8AI score0.00446EPSS
Exploits0References1
WPVulnDB
WPVulnDBadded 2024/04/03 12:0 a.m.19 views

WPCS < 1.2.0.2 - Cross-Site Request Forgery

Description The WPCS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.0.1. This is due to missing or incorrect nonce validation on the saveetalon function. This makes it possible for unauthenticated attackers to update the plugin's settings vi...

8.8CVSS6.4AI score0.00241EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2024/03/29 1:15 p.m.11 views

CVE-2024-30456

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

8.8CVSS4.6AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/03/29 1:7 p.m.16 views

CVE-2024-30456 WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

4.3CVSS5AI score0.00241EPSS
Exploits0References1
CVE
CVEadded 2024/03/29 1:7 p.m.67 views

CVE-2024-30456

CVE-2024-30456 describes a Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS (WordPress Currency Switcher Pro). The issue affects WPCS versions from unspecified earliest release up to 1.2.0.1. The CVE entry includes an CVSS vector with AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicat...

8.8CVSS8.6AI score0.00241EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/03/29 1:7 p.m.22 views

CVE-2024-30456 WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

4.3CVSS8.6AI score0.00241EPSS
Exploits0References1
Rows per page
Query Builder