Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

Nuclei
Nucleiadded 19 hours ago11 views

Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before version 1.9 did not validate or sanitize the tab parameter before using it in the include function. id: CVE-2021-24644 info: name: Images to WebP 1.9 - Authenticated Local File Inclusion author: Sourabh-Sahu severity: high description: | The Images to We...

7.5CVSS7.3AI score0.30489EPSS
Exploits2References2
Circl
Circladded 2026/01/24 7:3 a.m.22 views

CVE-2026-24644

creationtimestamp| type| source ---|---|--- 2026-01-24 07:03:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5njxs44m2h...

5AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/24 12:0 a.m.4 views

PT-2026-4762

CVE-2026-24644 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-24644 Published : Jan. 24, 2026, 4:15 a.m. | 1 hour, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.9AI score
Exploits0References1
Circl
Circladded 2025/09/11 1:37 p.m.3 views

CVE-2021-24644

creationtimestamp| type| source ---|---|--- 2025-09-11 13:37:27+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24644.yaml 2025-09-16 21:02:27+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lyy7rtsuy327...

7.5CVSS7.3AI score0.30489EPSS
Exploits2References2
RedhatCVE
RedhatCVEadded 2025/05/22 9:4 p.m.5 views

CVE-2021-24644

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.5CVSS6.7AI score0.30489EPSS
Exploits2References1
NVD
NVDadded 2025/01/24 6:15 p.m.8 views

CVE-2025-24644

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels print-invoices-packing-slip-labels-for-woocommerce allows Stored XSS.This issue affects WooCommerce PDF Invoice...

5.9CVSS0.00194EPSS
Exploits0References1
CVE
CVEadded 2025/01/24 5:24 p.m.55 views

CVE-2025-24644

CVE-2025-24644 affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels (WebToffee) versions up to 4.7.1. Root cause: improper neutralization of input during web page generation, enabling stored XSS. Public references indicate remediation to version 4.7.2 (update requir...

5.9CVSS7.2AI score0.00194EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/01/24 5:24 p.m.12 views

CVE-2025-24644 WordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels print-invoices-packing-slip-labels-for-woocommerce allows Stored XSS.This issue affects WooCommerce PDF Invoice...

5.9CVSS0.00194EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/24 5:24 p.m.8 views

CVE-2025-24644 WordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels print-invoices-packing-slip-labels-for-woocommerce allows Stored XSS.This issue affects WooCommerce PDF Invoice...

5.9CVSS8.6AI score0.00194EPSS
Exploits0References1
Circl
Circladded 2022/06/02 7:35 a.m.2 views

CVE-2022-24644

creationtimestamp| type| source ---|---|--- 2022-06-02 07:35:22+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2370 2023-01-14 12:57:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7548 2023-01-15 14:05:50+00:00| published-proof-of-concept|...

8.8CVSS8.1AI score0.10839EPSS
Exploits2References3
OSV
OSVadded 2022/03/10 5:46 p.m.3 views

CVE-2022-24644

ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse...

8.8CVSS7.8AI score0.10839EPSS
Exploits2References2
ATTACKERKB
ATTACKERKBadded 2022/03/10 5:46 p.m.3 views

CVE-2022-24644

ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse...

8.8CVSS7.8AI score0.10839EPSS
Exploits2References3
CVE
CVEadded 2022/03/07 9:55 p.m.91 views

CVE-2022-24644

CVE-2022-24644 affects ZZ Inc. KeyMouse Windows 3.08 and earlier. The vulnerability is a remote code execution that can be triggered when an affected KeyMouse installation performs an unauthenticated update. The root cause is tied to the update process, and exploitation requires triggering a prod...

8.8CVSS9.1AI score0.10839EPSS
Exploits2References2Affected Software1
GithubExploit
GithubExploitadded 2022/03/04 6:26 p.m.102 views

Exploit for Download of Code Without Integrity Check in Zzinc Keymouse_Firmware

CVE-2022-24644 ZZ Inc. KeyMouse 3.08 Windows Unauthenticat...

8.8CVSS8.9AI score0.10839EPSS
Exploits2
OSV
OSVadded 2021/11/23 8:15 p.m.1 views

CVE-2021-24644

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.5CVSS7.1AI score0.30489EPSS
Exploits2References1
NVD
NVDadded 2021/11/23 8:15 p.m.8 views

CVE-2021-24644

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.5CVSS0.30489EPSS
Exploits2References1
CVE
CVEadded 2021/11/23 7:16 p.m.52 views

CVE-2021-24644

CVE-2021-24644 affects the Images to WebP WordPress plugin (versions prior to 1.9). The root cause is that the tab parameter is not validated/sanitized before being passed to include(), enabling Local File Inclusion. Exploitation context in connected data indicates an authenticated LFI scenario, ...

7.5CVSS7.5AI score0.30489EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2021/11/23 7:16 p.m.16 views

CVE-2021-24644 Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.7AI score0.30489EPSS
Exploits2References1
CVE
CVEadded 1976/01/01 12:0 a.m.6 views

CVE-2026-24644

This CVE entry is rejected/not used and does not represent an active vulnerability.

5.3AI score
Exploits0
CVE
CVEadded 1976/01/01 12:0 a.m.29 views

CVE-2020-24644

CVE-2020-24644 entry is rejected/not used; not an active vulnerability entry as stated.

6.9AI score
Exploits0
Rows per page
Query Builder