CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

186 matches found

WordPress NotificationX <2.3.9 - SQL Injection

WordPress NotificationX plugin prior to 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape the nxid parameter before using it in a SQL statement, leading to an unauthenticated blind SQL injection. An attacker can possibly obtain sensitive information, modify dat...

9.8CVSS7.4AI score0.61506EPSS

Exploits2References5

Nuclei•added 2026/05/27 3:54 a.m.•69 views

Essential Blocks < 4.4.3 - Local File Inclusion

Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site. id: CVE-2023-6623 info: name: Essential Blocks 4.4.3 - Local File...

9.8CVSS7.3AI score0.88125EPSS

Exploits2References3

Nuclei•added 2026/05/27 12:33 a.m.•64 views

WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. id: CVE-2023-32243 info: name: WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset author:...

9.8CVSS7.5AI score0.93509EPSS

Exploits8References5

NVD•added 2026/04/29 12:16 p.m.•0 views

CVE-2026-42644

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs betterdocs allows Retrieve Embedded Sensitive Data.This issue affects BetterDocs: from n/a through = 4.3.10...

5.3CVSS0.00013EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:28 a.m.•4 views

CVE-2023-49184

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Parallax Slider Block allows Stored XSS.This issue affects Parallax Slider Block: from n/a through 1.2.4...

5.9CVSS6.7AI score0.00118EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•4 views

CVE-2023-45104

Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through = 1.6.0...

8.8CVSS7.3AI score0.00282EPSS

Exploits0References1

NVD•added 2025/12/30 11:16 a.m.•1 views

CVE-2025-69092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.5.3...

6.5CVSS0.00024EPSS

Exploits0References1

Positive Technologies•added 2025/12/30 12:0 a.m.•1 views

PT-2025-53919

Name of the Vulnerable Software and Affected Versions WPDeveloper Essential Addons for Elementor versions through 6.5.3 Description The software contains a flaw related to improper input handling during web page creation, leading to a Cross-site Scripting XSS condition. Specifically, the issue...

6.1AI score0.00024EPSS

Exploits0References3

Positive Technologies•added 2025/10/31 12:0 a.m.•2 views

PT-2025-44604

Name of the Vulnerable Software and Affected Versions WPDeveloper Essential Addons for Elementor versions through 6.2.4 Description A missing authorization issue exists in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite. This allows exploitation of incorrectly...

2.7CVSS6.5AI score0.00034EPSS

Exploits0References4