Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220981 4.3 警告 Thomas Doki-Thonon - WordPress 用 WPCB プラグインの facture.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4581 2014-07-7 18:26 2014-06-4 Show GitHub Exploit DB Packet Storm
220982 4.3 警告 Yahoo! Updates for WordPress plugin project - WordPress 用 Yahoo! Updates for WordPress プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4603 2014-07-7 18:26 2014-05-28 Show GitHub Exploit DB Packet Storm
220983 4.3 警告 Style It project - WordPress 用 Style It プラグインの fonts/font-form.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4555 2014-07-7 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
220984 4.3 警告 Alipay - WordPress 用 Wu-Rating プラグインの wu-ratepost.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4601 2014-07-7 18:26 2014-06-12 Show GitHub Exploit DB Packet Storm
220985 4.3 警告 WP Timersys - WordPress 用 WP Social Invitations プラグインの test.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4597 2014-07-7 18:26 2014-01-30 Show GitHub Exploit DB Packet Storm
220986 4.3 警告 Stranger Studios - WordPress 用 SS Downloads プラグインの templates/download.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4554 2014-07-7 18:26 2014-05-28 Show GitHub Exploit DB Packet Storm
220987 4.3 警告 ZeenShare project - WordPress 用 ZeenShare プラグインの redirect_to_zeenshare.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4606 2014-07-7 18:26 2014-01-11 Show GitHub Exploit DB Packet Storm
220988 4.3 警告 Smackcoders - WordPress 用 WP Ultimate Email Marketer プラグインの contact/edit.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4600 2014-07-7 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
220989 4.3 警告 RuslanY Blog - WordPress 用 WP Silverlight Media Player プラグインの uploader.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4589 2014-07-7 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
220990 4.3 警告 techteam internet services - WordPress 用 WP-Business Directory プラグインの forms/search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4599 2014-07-7 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293401 - themebeans blooog_theme Cross-site scripting (XSS) vulnerability in ThemeBeans Blooog theme 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the jQuery parameter to assets/js/jplayer.swf. CWE-79
Cross-site Scripting 		CVE-2013-7129 2024-11-21 11:00 2013-12-18 Show GitHub Exploit DB Packet Storm
293402 - valvesoftware steamos Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows loc… CWE-310
Cryptographic Issues 		CVE-2013-7128 2024-11-21 11:00 2013-12-18 Show GitHub Exploit DB Packet Storm
293403 - apple safari
mac_os_x 		Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file. CWE-310
Cryptographic Issues 		CVE-2013-7127 2024-11-21 11:00 2013-12-18 Show GitHub Exploit DB Packet Storm
293404 - cisco webex_training_center Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36031. CWE-20
 Improper Input Validation  		CVE-2013-6966 2024-11-21 11:00 2013-12-17 Show GitHub Exploit DB Packet Storm
293405 - cisco webex_training_center Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121. CWE-200
Information Exposure 		CVE-2013-6973 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm
293406 - cisco webex_training_center Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. CWE-200
Information Exposure 		CVE-2013-6972 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm
293407 - cisco webex_training_center Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140. CWE-20
 Improper Input Validation  		CVE-2013-6971 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm
293408 - cisco webex_meeting_center Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. CWE-200
Information Exposure 		CVE-2013-6970 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm
293409 - cisco webex_training_center The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. CWE-20
 Improper Input Validation  		CVE-2013-6969 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm
293410 - cisco webex_training_center Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a seri… CWE-200
Information Exposure 		CVE-2013-6968 2024-11-21 11:00 2013-12-15 Show GitHub Exploit DB Packet Storm