Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (24 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2021-24673 1 Dwbooster 1 Appointment Hour Booking 2024-11-21 4.8 Medium
The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2021-24498 1 Dwbooster 1 Calendar Event Multi View 2024-11-21 6.1 Medium
The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.
CVE-2019-13505 1 Dwbooster 1 Appointment Hour Booking 2024-11-21 6.1 Medium
The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1.
CVE-2017-18579 1 Dwbooster 1 Corner Ad 2024-11-21 N/A
The corner-ad plugin before 1.0.8 for WordPress has XSS.