Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21 matches found

Circl
Circladded 2026/01/22 7:38 p.m.2 views

CVE-2026-24387

creationtimestamp| type| source ---|---|--- 2026-01-22 19:38:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mczwrwbbmm2t...

4.3CVSS5.9AI score0.00014EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:16 p.m.4 views

CVE-2026-24387

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS0.00014EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2026-24387

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS5.3AI score0.00014EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 4:55 a.m.9 views

CVE-2023-24387

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Organization chart plugin = 1.4.4 versions...

5.9CVSS5.6AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:21 p.m.4 views

CVE-2021-24387

The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ctcommunity parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated user context...

6.1CVSS6.2AI score0.42031EPSS
Exploits2References1
Circl
Circladded 2025/03/10 9:41 a.m.6 views

CVE-2025-24387

creationtimestamp| type| source ---|---|--- 2025-03-10 09:41:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6982 2025-03-10 11:40:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljzhrya4pe2s 2025-03-10 12:20:51+00:00| seen| https://t.me/cvedetector/19942 2025-03-10...

6.5CVSS4.8AI score0.00081EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/03/10 9:28 a.m.8 views

CVE-2025-24387 Missing CSRF protection

A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...

4.8CVSS0.00081EPSS
Exploits0References1
Circl
Circladded 2023/04/27 9:58 a.m.4 views

CVE-2021-24387

creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24387.yaml...

6.1CVSS6.8AI score0.42031EPSS
Exploits2References1
NVD
NVDadded 2023/04/06 11:15 a.m.16 views

CVE-2023-24387

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Organization chart plugin = 1.4.4 versions...

5.9CVSS5.4AI score0.003EPSS
Exploits0References1
OSV
OSVadded 2023/04/06 11:15 a.m.1 views

CVE-2023-24387

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Organization chart plugin = 1.4.4 versions...

4.8CVSS5.8AI score
Exploits0References1
CVE
CVEadded 2023/04/06 10:57 a.m.46 views

CVE-2023-24387

WPdevart Organization chart plugin for WordPress is affected in versions

5.9CVSS4.9AI score0.003EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/04/06 10:57 a.m.6 views

CVE-2023-24387 WordPress Organization chart Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Organization chart plugin = 1.4.4 versions...

5.9CVSS5.6AI score0.003EPSS
Exploits0References1
Patchstack
Patchstackadded 2023/01/27 12:0 a.m.13 views

WordPress Organization chart Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Organization chart Type Plugin Vulnerable versions = 1.4.4 Fixed in 1.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24387 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0fde8648ea22 Credits yuyudhn Required...

5.9CVSS5.8AI score0.003EPSS
Exploits0References2Affected Software1
Circl
Circladded 2022/03/14 3:18 p.m.0 views

CVE-2022-24387

creationtimestamp| type| source ---|---|--- 2022-03-14 15:18:07+00:00| seen| https://t.me/cibsecurity/38856 2025-01-09 08:17:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/920...

9.1CVSS7AI score0.00613EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/03/14 12:15 p.m.12 views

CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS6.9AI score0.00613EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/03/14 12:15 p.m.10 views

CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS9.4AI score0.00613EPSS
Exploits0References2
CVE
CVEadded 2022/03/14 12:15 p.m.103 views

CVE-2022-24387

CVE-2022-24387 affects SmarterTrack v100.0.8019.14010. With administrator privileges, an attacker can trigger overwriting files in the app_data/Config folder, e.g., systemsettings.xml. This is a local/privilege-limited impact described in multiple feeds, with the root cause being write access to ...

9.1CVSS7.5AI score0.00613EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2021/07/06 11:15 a.m.12 views

CVE-2021-24387

The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ctcommunity parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated user context...

6.1CVSS0.42031EPSS
Exploits2References2
Cvelist
Cvelistadded 2021/07/06 11:3 a.m.13 views

CVE-2021-24387 Real Estate 7 < 3.1.1 - Reflected Cross-Site Scripting (XSS)

The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ctcommunity parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated user context...

6.2AI score0.42031EPSS
Exploits2References2
CVE
CVEadded 2021/07/06 11:3 a.m.69 views

CVE-2021-24387

CVE-2021-24387 concerns the WordPress WP Pro Real Estate 7 theme (before 3.1.1). The vulnerability is a reflected cross-site scripting (XSS) caused by improper sanitization of the ct_community parameter on the search listings page, with the payload echoed back in the response. Impact is described...

6.1CVSS6.1AI score0.42031EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder