Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / drupal

drupal

509 tracked vulnerabilities.

CVE-2025-10930 MEDIUM

Drupal Currency < 3.5.0 - Cross-Site Request Forgery

CVE-2025-10929 MEDIUM

Drupal Reverse Proxy Header <1.1.2 - Info Disclosure

CVE-2025-10928 MEDIUM

Drupal Access code < 2.0.5 - Brute Force via Excessive Authentication Attempts

CVE-2025-10927 MEDIUM

Plausible tracking < 1.0.2 - Cross-Site Scripting

CVE-2025-10926 MEDIUM

Drupal JSON Field < 1.5 - Cross-Site Scripting

CVE-2025-9551 MEDIUM

Drupal Protected Pages <1.8.0 - Auth Bypass

CVE-2025-48915 HIGH

Drupal COOKiES Consent Mgmt <1.2.15 - XSS

CVE-2025-48914 HIGH

Drupal COOKiES Consent Mgmt <1.2.15 - XSS

CVE-2025-48448 MEDIUM

Drupal Admin Audit Trail <1.0.5 - Info Disclosure

CVE-2025-48447 HIGH

Drupal Lightgallery < 1.6.0 - Cross-Site Scripting

CVE-2025-48446 HIGH

Drupal Commerce Alphabank Redirect <1.0.3 - Auth Bypass

CVE-2025-48445 HIGH

Drupal Commerce Eurobank (Redirect) <2.1.1 - Functionality Misuse

CVE-2025-48444 MEDIUM

Drupal Quick Node Block <2.0.0 - Info Disclosure

CVE-2025-48013 MEDIUM

Drupal Quick Node Block < 2.0.0 - Missing Authorization

CVE-2025-3474 MEDIUM

Drupal Panels < 4.9 - Unauthenticated Access Control Bypass via Incorrectly Configured Security Levels

CVE-2025-3131 MEDIUM

Drupal ECA < 1.1.12, 2.0.0-2.0.15, 2.1.0-2.1.6 - Cross-Site Request Forgery

CVE-2025-3130 MEDIUM

Drupal Obfuscate < 2.0.1 - Stored Cross-Site Scripting

CVE-2025-3057 MEDIUM

Drupal 8.0.0-10.3.12, 10.4.0-10.4.2, 11.0.0-11.0.11, 11.1.0-11.1.2 - Cross-Site Scripting

CVE-2025-31697 MEDIUM

Drupal Formatter Suite <2.1.0 - XSS

CVE-2025-31696 MEDIUM

Drupal RapiDoc OAS Field Formatter <1.0.1 - XSS

CVE-2025-31695 MEDIUM

Drupal Link field display mode formatter < 1.6.0 - Cross-Site Scripting

CVE-2025-31694 HIGH

Drupal Two-factor Authentication < 1.10.0 - Authentication Bypass via Forceful Browsing

CVE-2025-31693 MEDIUM

Drupal AI <1.0.5 - Command Injection

CVE-2025-31692 HIGH

Drupal AI <1.0.5 - Command Injection

CVE-2025-31691 CRITICAL

Drupal OAuth2 Server <2.1.0 - Info Disclosure

Previous Page 3 of 21 Next

Products

drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy