Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252821	4.3	警告	Opera Software ASA	-	Opera におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3266	2010-09-27 16:14	2009-09-18	Show	GitHub Exploit DB Packet Storm

252822	4.3	警告	Opera Software ASA	-	Opera におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3265	2010-09-27 16:14	2009-09-18	Show	GitHub Exploit DB Packet Storm

252823	5	警告	Opera Software ASA	-	Opera の X.509 証明書における SSLサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-3044	2010-09-27 16:13	2009-09-1	Show	GitHub Exploit DB Packet Storm

252824	4.3	警告	Opera Software ASA	-	Opera における data: URI をブロックしない脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3013	2010-09-27 16:13	2009-08-31	Show	GitHub Exploit DB Packet Storm

252825	5	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-2577	2010-09-27 16:12	2009-07-22	Show	GitHub Exploit DB Packet Storm

252826	4.3	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-2540	2010-09-27 16:11	2009-07-20	Show	GitHub Exploit DB Packet Storm

252827	4.3	警告	Opera Software ASA	-	Opera における javascript: URI をブロックしない脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2351	2010-09-27 16:11	2009-07-7	Show	GitHub Exploit DB Packet Storm

252828	6.8	警告	Opera Software ASA	-	Opera における任意の https サイトになりすまされる脆弱性	CWE-287 不適切な認証	CVE-2009-2070	2010-09-27 16:11	2009-06-15	Show	GitHub Exploit DB Packet Storm

252829	6.8	警告	Opera Software ASA	-	Opera における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2067	2010-09-27 16:10	2009-06-15	Show	GitHub Exploit DB Packet Storm

252830	6.8	警告	Opera Software ASA	-	Opera における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2063	2010-09-27 16:10	2009-06-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266541	8.8	HIGH Network	simpolio_project	simpolio	The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.	CWE-276 Incorrect Default Permissions	CVE-2015-9474	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266542	7.5	HIGH Network	estrutura-basica_project	estrutura-basica	The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter.	CWE-22 Path Traversal	CVE-2015-9473	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266543	6.1	MEDIUM Network	monitorbacklinks	incoming_links	The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.	CWE-79 Cross-site Scripting	CVE-2015-9472	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266544	9.8	CRITICAL Network	digitalzoomstudio	zoomsounds	The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2015-9471	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266545	7.5	HIGH Network	ionadas	history_collection	The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.	CWE-22 Path Traversal	CVE-2015-9470	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266546	4.8	MEDIUM Network	cybercraftit	content-grabber	The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.	CWE-79 Cross-site Scripting	CVE-2015-9469	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266547	6.1	MEDIUM Network	k-78	broken_link_manager	The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.	CWE-79 Cross-site Scripting	CVE-2015-9468	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266548	9.8	CRITICAL Network	k-78	broken_link_manager	The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.	CWE-89 SQL Injection	CVE-2015-9467	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266549	9.8	CRITICAL Network	webtechideas	wti_like_post	The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED vari…	CWE-89 SQL Injection	CVE-2015-9466	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266550	8.8	HIGH Network	yet_another_stars_rating_project	yet_another_stars_rating	The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.	CWE-89 SQL Injection	CVE-2015-9465	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm