Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:33 p.m.5 views

CVE-2023-31086

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin = 2.46.0 versions...

8.8CVSS8.5AI score0.00053EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/01 8:58 p.m.13 views

CVE-2025-31086 WordPress Product Table by WBW plugin <= 2.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WBW Plugins Product Table by WBW woo-product-tables allows Reflected XSS.This issue affects Product Table by WBW: from n/a through = 2.1.4...

7.1CVSS0.00219EPSS
Exploits0References1
CVE
CVEadded 2025/04/01 8:58 p.m.48 views

CVE-2025-31086

CVE-2025-31086 affects the WordPress plugin Product Table by WBW . The vulnerability is a reflected XSS caused by improper neutralization of input during web page generation. Affected versions are listed as up to 2.1.4 (n/a through 2.1.4). The CVSSv3.1 base metrics cite a 7.1 HIGH score with netw...

7.1CVSS7.2AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/01 8:58 p.m.4 views

CVE-2025-31086 WordPress Product Table by WBW plugin <= 2.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick McReynolds Product Table by WBW allows Reflected XSS. This issue affects Product Table by WBW: from n/a through 2.1.4...

7.1CVSS7.1AI score0.00219EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/04/01 4:39 p.m.3 views

WordPress Product Table by WBW plugin <= 2.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Product Table by WBW versions = 2.1.4...

7.1CVSS7AI score0.00219EPSS
Exploits0Affected Software1
NVD
NVDadded 2024/04/15 8:15 a.m.10 views

CVE-2024-31086

Cross-Site Request Forgery CSRF vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting XSS.This issue affects Change default login logo,url and title: from n/a through 2.0...

7.1CVSS6.7AI score0.00089EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/04/15 7:46 a.m.15 views

CVE-2024-31086 WordPress Change default login logo,url and title plugin <= 2.0 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting XSS.This issue affects Change default login logo,url and title: from n/a through 2.0...

7.1CVSS6.8AI score0.00089EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/04/15 7:46 a.m.23 views

CVE-2024-31086 WordPress Change default login logo,url and title plugin <= 2.0 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting XSS.This issue affects Change default login logo,url and title: from n/a through 2.0...

7.1CVSS6.6AI score0.00089EPSS
Exploits0References1
CVE
CVEadded 2024/04/15 7:46 a.m.62 views

CVE-2024-31086

CVE-2024-31086 is a CSRF-to-XSS vulnerability in the WordPress plugin “Change default login logo-url-and-title” affecting versions up to 2.0. The issue arises from a CSRF flaw that can lead to XSS on login page customization. No vendor-specific remediation or patch details are provided in the con...

7.1CVSS8.5AI score0.00089EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/03/29 12:0 a.m.13 views

WordPress Change default login logo,url and title Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Change default login logo,url and title Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31086 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 9e9f68e4407b Credits...

7.1CVSS6.6AI score0.00089EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2023/11/09 11:15 p.m.13 views

CVE-2023-31086

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin = 2.46.0 versions...

8.8CVSS0.00053EPSS
Exploits0References1
CVE
CVEadded 2023/11/09 10:57 p.m.31 views

CVE-2023-31086

CVE-2023-31086 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin Simple Giveaways (Igor Benic) versions

8.8CVSS8.9AI score0.00053EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2023/04/24 12:0 a.m.7 views

WordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Simple Giveaways Type Plugin Vulnerable versions = 2.46.0 Fixed in 2.46.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-31086 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9da67a144aac Credits Mika Required...

8.8CVSS7AI score0.00053EPSS
Exploits0References2Affected Software1
Circl
Circladded 2022/06/28 12:35 a.m.3 views

CVE-2022-31086

creationtimestamp| type| source ---|---|--- 2022-06-28 00:35:08+00:00| seen| https://t.me/cibsecurity/45232...

8.8CVSS6.8AI score0.01329EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/06/27 8:50 p.m.9 views

CVE-2022-31086 Incorrect Regular Expressions in ldap-account-manager

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnerability could lead to a Remote Code Execution if the...

6.6CVSS7.3AI score0.01329EPSS
Exploits0References3
Cvelist
Cvelistadded 2022/06/27 8:50 p.m.18 views

CVE-2022-31086 Incorrect Regular Expressions in ldap-account-manager

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnerability could lead to a Remote Code Execution if the...

6.6CVSS9.2AI score0.01329EPSS
Exploits0References3
CVE
CVEadded 2022/06/27 8:50 p.m.99 views

CVE-2022-31086

CVE-2022-31086 affects LDAP Account Manager (LAM). In versions prior to 8.0, an incorrect regular expression allows uploading PHP scripts to the /config/templates/pdf directory, which could enable Remote Code Execution if that directory is accessible. This is not a default configuration of LAM. T...

8.8CVSS7.7AI score0.01329EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2021/08/24 6:53 p.m.5 views

CVE-2021-31086

...

Exploits0
Rows per page
Query Builder