📄 WordPress Temporary Login 1.0.0 Authentication Bypass

WordPress Temporary Login plugin versions 1.0.0 and below suffer from an authentication bypass vulnerability. Exploit Title: Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage...

Exploit for CVE-2026-7567

Description - This reposit...

CVE-2026-7567

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybelogintemporaryuser function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before...

CVE-2020-7567

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke t...

MAL-2025-7567 Malicious code in @crabas0npm/tempora-blanditiis-reprehenderit-accusantium (npm)

The package @crabas0npm/tempora-blanditiis-reprehenderit-accusantium was found to contain malicious code...

CVE-2025-7567

A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang/systemtype leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2025-7567

A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang/systemtype leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2025-7567 ShopXO header.html cross site scripting

A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang/systemtype leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed t...

Linux Distros Unpatched Vulnerability : CVE-2016-7567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the SLPFoldWhiteSpace function in common/slpcompare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string...

Linux Distros Unpatched Vulnerability : CVE-2018-7567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind...

CBL Mariner 2.0 Security Update: openslp (CVE-2016-7567)

The version of openslp installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-7567 advisory. - Buffer overflow in the SLPFoldWhiteSpace function in common/slpcompare.c in OpenSLP 2.0 allows remote...

RHEL 6 : openslp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slpcompare.c...

RHEL 7 : openslp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slpcompare.c...

CVE-2016-7567 affecting package openslp for versions less than 2.0.0-26

CVE-2016-7567 affecting package openslp for versions less than 2.0.0-26. A patched version of the package is available...

Schneider Electric Modicon M221 Programmable Logic Controller Missing Encryption of Sensitive Data (CVE-2020-7567)

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke t...

CVE-2016-7567 affecting package openslp for versions less than 2.0.0-26

CVE-2016-7567 affecting package openslp for versions less than 2.0.0-26. A patched version of the package is available...

SUSE: Security Advisory (SUSE-SU-2016:2661-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7567

creationtimestamp| type| source ---|---|--- 2020-11-20 00:41:54+00:00| seen| https://t.me/cibsecurity/16634...

CVE-2020-7567

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke t...