Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

RedhatCVE
RedhatCVEadded 2025/11/26 7:58 a.m.3 views

CVE-2025-13404

The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicatepost function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access...

5.3CVSS5.7AI score0.00038EPSS
Exploits0References1
Circl
Circladded 2025/11/25 9:13 a.m.1 views

CVE-2025-13404

creationtimestamp| type| source ---|---|--- 2025-11-25 09:13:06+00:00| seen| https://gist.github.com/Darkcrai86/c5f531480f38ded5dcab4d547fa56ca5...

5.3CVSS5.8AI score0.00038EPSS
Exploits0References1
NVD
NVDadded 2025/11/25 8:15 a.m.4 views

CVE-2025-13404

The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicatepost function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access...

5.3CVSS0.00038EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/22 10:5 a.m.4 views

CVE-2019-13404

The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27...

9.3CVSS6.7AI score0.00157EPSS
Exploits0References1
Circl
Circladded 2025/01/21 9:27 a.m.4 views

CVE-2024-13404

creationtimestamp| type| source ---|---|--- 2025-01-21 09:27:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113865629841252103 2025-01-21 10:01:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2381 2025-01-21 10:15:33+00:00| seen|...

6.1CVSS7.3AI score0.01474EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/01/21 9:21 a.m.5 views

CVE-2024-13404 Link Library <= 7.7.2 - Reflected Cross-Site Scripting

The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchll' parameter in all versions up to, and including, 7.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.4AI score0.01474EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/01/21 9:21 a.m.17 views

CVE-2024-13404 Link Library <= 7.7.2 - Reflected Cross-Site Scripting

The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchll' parameter in all versions up to, and including, 7.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.01474EPSS
Exploits0References2
CVE
CVEadded 2025/01/21 9:21 a.m.45 views

CVE-2024-13404

CVE-2024-13404 concerns the WordPress Link Library plugin. Affected: Link Library (WordPress) up to version 7.7.2. Issue: Reflected Cross-Site Scripting via the searchll parameter caused by insufficient input sanitization and output escaping. Impact: unauthenticated attackers could inject web scr...

6.1CVSS6AI score0.01474EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2021/07/13 11:15 a.m.15 views

CVE-2021-34319

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an...

7.8CVSS0.00418EPSS
Exploits0References2
Check Point Advisories
Check Point Advisoriesadded 2020/09/01 12:0 a.m.4 views

Atos Magento Command Injection (CVE-2020-13404)

A command injection vulnerability exists in Atos Magento. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.7AI score0.017EPSS
Exploits1
Circl
Circladded 2020/08/06 12:55 a.m.0 views

CVE-2020-13404

creationtimestamp| type| source ---|---|--- 2020-08-06 00:55:12+00:00| seen| https://t.me/cibsecurity/13917 2024-10-28 16:00:05+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1262...

9CVSS8.2AI score0.017EPSS
Exploits1References2
Cvelist
Cvelistadded 2020/08/05 8:59 p.m.14 views

CVE-2020-13404

The ATOS/Sips aka Atos-Magento community module 3.0.0 to 3.0.5 for Magento allows command injection...

9AI score0.017EPSS
Exploits1References3
CVE
CVEadded 2020/08/05 8:59 p.m.37 views

CVE-2020-13404

The CVE-2020-13404 vulnerability affects the ATOS/Sips (Atos-Magento) community module for Magento, version 3.0.0 through 3.0.5. The issue is a command injection vulnerability in the module that could enable remote code execution on the affected Magento site. The reported CVSS metrics indicate a ...

9CVSS8.9AI score0.017EPSS
Exploits1References3Affected Software1
Circl
Circladded 2019/07/08 3:59 a.m.1 views

CVE-2019-13404

creationtimestamp| type| source ---|---|--- 2019-07-08 03:59:52+00:00| seen| https://t.me/cveNotify/298...

9.3CVSS7.8AI score0.00157EPSS
Exploits0References1
NVD
NVDadded 2019/07/08 1:15 a.m.8 views

CVE-2019-13404

The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27...

9.3CVSS7.5AI score0.00157EPSS
Exploits0References1
CVE
CVEadded 2019/07/08 12:54 a.m.181 views

CVE-2019-13404

The CVE-2019-13404 entry concerns the MSI installer for Python &lt;2.7.17 (and 3.x

9.3CVSS7.5AI score0.00157EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2019/02/13 6:0 p.m.67 views

CVE-2018-13404

CVE-2018-13404 affects Atlassian Jira Server/Data Center: VerifyPopServerConnection SSRF allows remote administrators to determine internal hosts/ports and, in some cases, obtain service information from internal network resources. Impact occurs on Jira versions: 7.6.x prior to 7.6.10, 7.7.x prio...

4.1CVSS4AI score0.00145EPSS
Exploits0References1Affected Software2
Atlassian
Atlassianadded 2018/12/03 2:58 a.m.40 views

The VerifyPopServerConnection resource was vulnerable to SSRF - CVE-2018-13404

The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from...

4.1CVSS2.5AI score0.00145EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2018/12/03 2:58 a.m.32 views

The VerifyPopServerConnection resource was vulnerable to SSRF - CVE-2018-13404

The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from...

4.1CVSS2.5AI score0.00145EPSS
Exploits0
Rows per page
Query Builder