Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204921	4.3	警告	Adazing	-	WordPress 用 Morning Coffee テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3862	2012-03-5 11:08	2011-09-28	Show	GitHub Exploit DB Packet Storm

204922	4.3	警告	WebMinimalist	-	WordPress 用 Web Minimalist 200901 テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3861	2012-03-5 11:07	2011-09-28	Show	GitHub Exploit DB Packet Storm

204923	4.3	警告	One Designs	-	WordPress 用 Cover WP テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3860	2012-03-5 11:07	2011-09-28	Show	GitHub Exploit DB Packet Storm

204924	4.3	警告	ThemeHybrid	-	WordPress 用 Trending テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3859	2012-03-5 11:06	2011-09-28	Show	GitHub Exploit DB Packet Storm

204925	4.3	警告	zespia	-	WordPress 用 Pixiv Custom テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3858	2012-03-5 11:06	2011-09-28	Show	GitHub Exploit DB Packet Storm

204926	4.3	警告	Antisocial Media LLC	-	WordPress 用 Antisnews テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3857	2012-03-5 11:05	2011-09-28	Show	GitHub Exploit DB Packet Storm

204927	4.3	警告	A Tasty Pixel	-	WordPress 用 Elegant Grunge テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3856	2012-03-5 11:05	2011-09-28	Show	GitHub Exploit DB Packet Storm

204928	4.3	警告	Graph Paper Press	-	WordPress 用 F8 Lite テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3855	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

204929	4.3	警告	Quirm	-	WordPress 用 ZenLite テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3854	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

204930	4.3	警告	ThemeHybrid	-	WordPress 用 Hybrid テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3853	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 9, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	-		-	-	The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an …	CWE-94 Code Injection	CVE-2024-12415	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

862	5.3	MEDIUM Network	-	-	The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited arbitrary file deletion due to insufficient file path validation in the dnd_codedropz_upload_dele…	CWE-73 CWE-862 External Control of File Name or Path Missing Authorization	CVE-2024-12267	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

863	-		-	-	The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used…	-	CVE-2024-13226	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

864	-		-	-	The ECT Home Page Products WordPress plugin through 1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used…	-	CVE-2024-13225	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

865	-		-	-	The SlideDeck 1 Lite Content Slider WordPress plugin through 1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co…	-	CVE-2024-13224	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

866	-		-	-	The Tabulate WordPress plugin through 2.10.3 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used agai…	-	CVE-2024-13223	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

867	-		-	-	The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used agains…	-	CVE-2024-13222	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

868	-		-	-	The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be u…	-	CVE-2024-13221	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

869	-		-	-	The WordPress Google Map Professional (Map In Your Language) WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-…	-	CVE-2024-13220	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

870	-		-	-	The Privacy Policy Genius WordPress plugin through 2.0.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be use…	-	CVE-2024-13219	2025-02-1 01:15	2025-01-31	Show	GitHub Exploit DB Packet Storm