Lucene search
K

257 matches found

GithubExploit
GithubExploit
added 2026/06/08 12:55 p.m.73 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi

CVE-2026-27886 Automated Exploit - Usage Guide What This S...

9.2CVSS5.5AI score0.00612EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.11 views

CVE-2026-7802

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

8.8CVSS5.6AI score0.00402EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-47033

Name of the Vulnerable Software and Affected Versions WP Captcha PRO versions prior to 5.39 Description An authentication bypass exists due to the ajax run tool AJAX handler relying only on a nonce check via check ajax referer without performing capability checks. This is combined with the create...

8.8CVSS5.7AI score0.00393EPSS
Exploits1References8
OSV
OSV
added 2026/06/04 7:27 p.m.8 views

GHSA-8V9P-G828-V98F Shopware: Admin Account Takeover via User Recovery Hash Exposure

Summary A low-privilege admin user with userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score0.00034EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/04 7:27 p.m.11 views

Shopware: Admin Account Takeover via User Recovery Hash Exposure

Summary A low-privilege admin user with userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

5.8AI score0.00034EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46852

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score
Exploits0References5
EUVD
EUVD
added 2026/05/30 9:29 a.m.18 views

EUVD-2026-33455

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated Subscriber+ account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints reacttoevent / unreacttoevent. The endpoints register getitemspermissionschec...

7.5CVSS5.8AI score0.00593EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.12 views

PT-2026-45088

Name of the Vulnerable Software and Affected Versions Simple History versions prior to 5.26.1 Description The Simple History plugin for WordPress allows authenticated users with Subscriber-level permissions or higher to take over accounts. The issue exists in the event reaction endpoints...

7.5CVSS5.8AI score0.00593EPSS
Exploits1References18
Cvelist
Cvelist
added 2026/05/29 5:8 p.m.38 views

CVE-2026-45627 Arcane: Unauthenticated reflected XSS via SVG color parameter in /api/app-images/logo enables admin account takeover

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution...

8.2CVSS0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 8:4 a.m.8 views

CVE-2026-10056

CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard security mode, on Linux and Windows allows an unauthenticated remote attacker to steal the session token of an authenticated user and perform Administrator Account...

7.5CVSS5.8AI score0.00242EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/28 3:27 a.m.30 views

CVE-2026-7802 Frontend Admin by DynamiApps <= 3.29.2 - Missing Authorization to Authenticated (Subscriber+) Account Takeover via 'user_id' URL Query Parameter

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

8.8CVSS0.00402EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44179

Name of the Vulnerable Software and Affected Versions Frontend Admin by DynamiApps versions prior to 3.29.3 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attackers with subscriber-level...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:31 a.m.11 views

CVE-2026-8787

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the firebaseauth function authenticating the request as the WordPress user whose email is supplied in the useremail POST parameter without...

6AI score0.00283EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/05/22 5:5 p.m.100 views

Exploit for CVE-2026-8181

CVE-2026-8181 — Burst Statistics 3.4.0 – 3.4.1.1 — Authenticat...

9.8CVSS5.9AI score0.14608EPSS
Exploits10
Github Security Blog
Github Security Blog
added 2026/05/18 2:19 p.m.16 views

Arcane Backend: Unauthenticated reflected XSS via SVG color parameter enables admin account takeover

Summary The unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution lands inside a element of the embedded logo.svg, allowing an attacker to close the style block an...

8.2CVSS6AI score0.00185EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/18 2:19 p.m.5 views

GHSA-Q2PJ-8V84-9MH5 Arcane Backend: Unauthenticated reflected XSS via SVG color parameter enables admin account takeover

Summary The unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution lands inside a element of the embedded logo.svg, allowing an attacker to close the style block an...

8.2CVSS6AI score0.00185EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/14 12:13 p.m.118 views

Exploit for CVE-2026-8181

CVE-2026-8181 — Burst Statistics Authentication Bypass to Admi...

9.8CVSS5.8AI score0.14608EPSS
Exploits10
Patchstack
Patchstack
added 2026/05/14 9:38 a.m.12 views

WordPress Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability

Privacy-Friendly WordPress Analytics Google Analytics Alternative plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability discovered by ? in WordPress Plugin Burst Statistics versions 3.4.0-3.4.1.1...

9.8CVSS5.8AI score0.14608EPSS
Exploits10References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/05 9:29 p.m.8 views

Grav Vulnerable to Administrative Account Disruption and Privilege De-escalation via User Overwrite Logic

Summary A business logic vulnerability in the Grav Admin Panel allows a low-privileged user with only user creation permissions to overwrite existing accounts, including the primary administrator. By creating a new user with a username that already exists, the system updates the existing account'...

8.1CVSS5.8AI score0.00463EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.7 views

CVE-2026-42221

Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim the initial administrator account on a fresh nginx-ui instance during the first-run setup window. The public /api/install endpoint is reachable...

9.8CVSS5.8AI score0.00346EPSS
Exploits1References1
Rows per page
Query Builder