Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-5191
Cross-site scripting (XSS) vulnerability in the Preview plugin prior to 4.4.3 in CKEditor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ckeditor Ckeditor
Ckeditor Ckeditor 4.4.0
Ckeditor Ckeditor 4.4.1
4.3
CVSSv2
CVE-2012-4000
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and previous versions allows remote malicious users to inject arbitrary web script or HTML via textinput...
Ckeditor Fckeditor
Ckeditor Fckeditor 0.8
Ckeditor Fckeditor 0.8.5
Ckeditor Fckeditor 0.9.0
Ckeditor Fckeditor 0.9.1
Ckeditor Fckeditor 0.9.2
Ckeditor Fckeditor 0.9.3
Ckeditor Fckeditor 0.9.4
Ckeditor Fckeditor 0.9.5
Ckeditor Fckeditor 1.0
Ckeditor Fckeditor 1.1
Ckeditor Fckeditor 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-2066
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal allows remote authenticated users or remote malicious users to inject arbitrary web script or HTML vi...
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Ckeditor 6.x-1.0
6.8
CVSSv2
CVE-2012-2067
Unspecified vulnerability in the CKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote malicious users to execute arbitrar...
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Ckeditor 6.x-1.0
6.5
CVSSv3
CVE-2021-21391
CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal ...
Ckeditor Ckeditor5-engine
Ckeditor Ckeditor5-font
Ckeditor Ckeditor5-image
Ckeditor Ckeditor5-list
Ckeditor Ckeditor5-markdown-gfm
Ckeditor Ckeditor5-media-embed
Ckeditor Ckeditor5-paste-from-office
Ckeditor Ckeditor5-widget
6.1
CVSSv3
CVE-2018-17960
CKEditor 4.x prior to 4.11.0 allows user-assisted XSS involving a source-mode paste.
Ckeditor Ckeditor
6.1
CVSSv3
CVE-2024-24815
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 before 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or ena...
Ckeditor Ckeditor
6.1
CVSSv3
CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions before 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can ...
Ckeditor Ckeditor
1 Github repository
6.1
CVSSv3
CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the...
Ckeditor Ckeditor
6.1
CVSSv3
CVE-2022-48110
CKSource CKEditor 5 35.4.0 exists to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integra...
Ckeditor Ckeditor 35.4.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
kernel
CVE-2025-22654
CVE-2025-0108
memory leak
CVE-2025-1447
CVE-2025-24200
XML external entity
CVE-2025-25475
CVE-2024-13663
wedevs
bypass
rameez iqbal
visualizer
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »