
9 matches found

NVD
added 2023/11/13 12:15 a.m., 12 views

CVE-2023-26516

Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions...

CVSS: 8.8, EPSS: 0.00096
Exploits: 0, References: 1
CVE
added 2023/11/12 11:48 p.m., 71 views

CVE-2023-26516

CVE-2023-26516 is a CSRF vulnerability in the WordPress WPIndeed Debug Assistant plugin (versions ≤ 1.4). The described root cause is unauthorized CSRF execution that can affect unauthenticated users, with impacts stated as high confidentiality, integrity, and availability by CVSS 3.1 metrics (8....

CVSS: 8.8, AI score: 8.8, EPSS: 0.00096
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2023/11/12 11:48 p.m., 13 views

CVE-2023-26516 WordPress Debug Assistant Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions...

CVSS: 8.8, AI score: 9, EPSS: 0.00096
Exploits: 0, References: 1
Patchstack
added 2023/02/28 12:0 a.m., 9 views

WordPress Debug Assistant Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Debug Assistant; Type: Plugin; Vulnerable versions: <= 1.4; Fixed in: 1.5; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-26516; Patch priority: Low; CVSS severity: Low 8.8; PSID: 29fe448c29d4; Credits: Prasanna V Balaji...

CVSS: 8.8, AI score: 7, EPSS: 0.00096
Exploits: 0, References: 2, Affected Software: 1
NVD
added 2022/04/20 4:15 p.m., 7 views

CVE-2022-26516

Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment...

CVSS: 8.4, EPSS: 0.00076
Exploits: 0, References: 1
Vulnrichment
added 2022/04/20 3:30 p.m., 5 views

CVE-2022-26516 ICSA-22-104-03 Red Lion DA50N

Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment...

CVSS: 8.4, AI score: 8.4, EPSS: 0.00076
Exploits: 0, References: 1
CVE
added 2022/04/20 3:30 p.m., 71 views

CVE-2022-26516

CVE-2022-26516 affects Red Lion DA50N gateways. The weakness is Insufficient Verification of Data Authenticity (web UI update process), allowing an authorized user to install a maliciously modified package file if it’s sourced from unauthorized or compromised files between download and deployment...

CVSS: 8.4, AI score: 7.8, EPSS: 0.00076
Exploits: 0, References: 1, Affected Software: 1
ICS
added 2022/04/14 12:0 a.m., 85 views

Red Lion DA50N

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: DA50N Vulnerabilities: Insufficient Verification of Data Authenticity, Weak Password Requirements, Use of Unmaintained Third-Party Components, Insufficiently Protected Credentials 2...

CVSS: 10, AI score: 7.5, EPSS: 0.00219
Exploits: 0, References: 5
CVE
added 2021/06/08 12:28 p.m., 40 views

CVE-2020-26516

The CVE-2020-26516 issue affects Intland codeBeamer ALM (versions 10.x through 10.1.SP4). The root cause is missing CSRF tokens in requests that trigger server actions, allowing crafted requests to cause a victim’s browser to perform undesired actions within the web application. The NVD entry lis...

CVSS: 8.8, AI score: 8.6, EPSS: 0.00221
Exploits: 1, References: 2, Affected Software: 1