Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227631	7.5	危険	Jason Sexauer	-	ChurchCMS の admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6507	2013-01-25 14:23	2013-01-24	Show	GitHub Exploit DB Packet Storm

227632	4.3	警告	Zingiri	-	WordPress 用 Zingiri Web Shop プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6506	2013-01-25 14:22	2012-04-28	Show	GitHub Exploit DB Packet Storm

227633	4.3	警告	Shawn Bradley	-	PHP Volunteer Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6505	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

227634	7.5	危険	Shawn Bradley	-	PHP Volunteer Management における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6504	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

227635	10	危険	Ninja Forge	-	Joomla! 用 NinjaXplorer コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-6503	2013-01-25 14:19	2012-04-26	Show	GitHub Exploit DB Packet Storm

227636	5.8	警告	GNU Project	-	GnuPG の g10/import.c における公開鍵リングのデータベースを破壊される脆弱性	CWE-20 不適切な入力確認	CVE-2012-6085	2013-01-25 14:18	2012-12-6	Show	GitHub Exploit DB Packet Storm

227637	4.3	警告	Cenango Financial LLC	-	WikidForum におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2099	2013-01-25 14:17	2012-04-12	Show	GitHub Exploit DB Packet Storm

227638	6.8	警告	Sitecom	-	Sitecom WLM-2501 におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1922	2013-01-25 14:16	2013-01-24	Show	GitHub Exploit DB Packet Storm

227639	4.3	警告	Simple Realty Themes	-	WordPress 用 Advanced Text Widget プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4618	2013-01-25 14:15	2013-01-24	Show	GitHub Exploit DB Packet Storm

227640	4.3	警告	IBM	-	WebSphere Application Server (WAS) におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2013-01-25 12:01	2013-01-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195151	6.1	MEDIUM Network	updraftplus	updraftplus	The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.69 does not sanitise and escape the updraft_restore parameter before outputting it back in the Restore page, leading to a Reflecte…	-	CVE-2021-25089	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195152	6.1	MEDIUM Network	pluginus	woocommerce_products_filter	The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25085	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195153	6.5	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts v…	-	CVE-2021-25072	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195154	6.1	MEDIUM Network	cf7skins	contact_form_7_skins	The Skins for Contact Form 7 WordPress plugin before 2.5.1 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25063	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195155	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanup_fetch_active_plugins_icons AJAX action (available to ad…	CWE-79 Cross-site Scripting	CVE-2021-24983	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195156	6.1	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthent…	-	CVE-2021-24975	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195157	4.8	MEDIUM Network	cusmin	absolutely_glamorous_custom_admin	The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_ht…	-	CVE-2021-24944	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195158	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to …	-	CVE-2021-24937	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195159	6.1	MEDIUM Network	yellowpencil	visual_css_style_editor	The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Script…	-	CVE-2021-24934	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

195160	6.1	MEDIUM Network	domaincheckplugin	domain_check	The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue	CWE-79 Cross-site Scripting	CVE-2021-24926	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm