Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (3 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-24718 2 Swit, Wordpress 2 Wp Sessions Time Monitoring Full Automatic, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Reflected XSS.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.1.
CVE-2024-49681 1 Swit 1 Wp Sessions Time Monitoring Full Automatic 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.0.9.
CVE-2023-5203 1 Swit 1 Wp Sessions Time Monitoring Full Automatic 2024-11-21 7.5 High
The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique.