Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

CNNVD
CNNVDadded 2025/11/21 12:0 a.m.11 views

Roo Code 命令注入漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. A command injection vulnerability exists in Roo Code versions prior to 3.26.7 that stems from an authentication error and could lead to the execution of unauthorized commands...

8.1CVSS7.8AI score0.00079EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/09/05 12:0 a.m.3 views

Roo Code 操作系统命令注入漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. An operating system command injection vulnerability exists in Roo Code 3.26.6 and prior versions, which stems from workflows that do not clean up their inputs and could lead to remote code execution...

9.9CVSS8.4AI score0.00614EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/07/10 12:0 a.m.1 views

WordPress plugin WishList Member X Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

9.8CVSS6.1AI score0.01584EPSS
Exploits0References2
OSV
OSVadded 2024/07/09 9:15 a.m.2 views

CVE-2024-37112

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7...

9.8CVSS5.8AI score0.00905EPSS
Exploits0References1
OSV
OSVadded 2024/06/24 1:15 p.m.2 views

CVE-2024-37109

Improper Control of Generation of Code 'Code Injection' vulnerability in Membership Software WishList Member X allows Code Injection.This issue affects WishList Member X: from n/a before 3.26.7...

8.8CVSS5.8AI score0.00848EPSS
Exploits0References1
OSV
OSVadded 2024/06/24 1:15 p.m.2 views

CVE-2024-37111

Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7...

7.5CVSS5.8AI score0.00355EPSS
Exploits0References1
OSV
OSVadded 2024/06/24 1:15 p.m.2 views

CVE-2024-37107

Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a before 3.26.7...

8.8CVSS5.8AI score0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/06/24 12:0 a.m.2 views

PT-2024-27307 · Unknown · Wishlist Member

Name of the Vulnerable Software and Affected Versions: WishList Member X versions prior to 3.26.7 Description: A Missing Authorization issue has been identified in the Membership Software WishList Member X. This issue may allow unauthorized access due to the lack of proper authorization checks...

7.5CVSS7.2AI score0.00355EPSS
Exploits0References4
Patchstack
Patchstackadded 2024/06/20 9:16 a.m.2 views

WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Database Backup Download vulnerability

Unauthenticated Database Backup Download vulnerability discovered by Dave Jong Patchstack in WordPress Plugin WishList Member X versions 3.26.7...

9.8CVSS7AI score0.01584EPSS
Exploits0Affected Software1
Rows per page
Query Builder