Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3642 matches found

NVD
NVDadded 2022/05/18 5:15 p.m.12 views

CVE-2022-29445

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...

7.2CVSS0.01EPSS
Exploits0References2
Prion
Prionadded 2022/05/18 5:15 p.m.12 views

Design/Logic Flaw

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...

6.5CVSS6.9AI score0.01EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/05/18 4:39 p.m.78 views

CVE-2022-29445

CVE-2022-29445 affects the WordPress Popup Box plugin (versions ≤ 2.1.2). The issue is an Authenticated Local File Inclusion (LFI) vulnerability that arises because the plugin (likely in the include path logic) does not properly validate the current tab before including a file, enabling an admini...

7.2CVSS6.8AI score0.01EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/05/18 4:39 p.m.16 views

CVE-2022-29445 WordPress Popup Box plugin <= 2.1.2 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...

6.8CVSS7.2AI score0.01EPSS
Exploits0References2
CNVD
CNVDadded 2022/05/18 12:0 a.m.20 views

WordPress Visual Slide Box Builder plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Visual Slide Box Builder plugin 3.2.9 and earlier versions are vulnerable to SQL injection, which...

8.8CVSS2.3AI score0.01312EPSS
Exploits1References1
CNNVD
CNNVDadded 2022/05/18 12:0 a.m.2 views

WordPress plugin Popup Box 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Pop...

7.2CVSS5.6AI score0.01EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2022/05/17 11:20 a.m.3 views

CVE-2022-29445

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...

7.2CVSS7AI score0.01EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsvadded 2022/05/17 4:50 a.m.4 views

co.paralleluniverse:galaxy (>=1.1 <=1.2), co.paralleluniverse:quasar-galaxy (=0.2.0) +386 more potentially affected by CVE-2013-4112 via org.jgroups:jgroups (>=3.0.0.CR1 <=3.2.8.Final)

org.jgroups:jgroups MAVEN version =3.0.0.CR1, =1.1, =1.0.0-1, =1.0.7364, =1.0d13, =1.0d18, =1.0d13, =1.0d13, =0.13.1, =0.7.3, =0.8.0, =0.9.0 and more Source cves: CVE-2013-4112 Source advisory: OSV:GHSA-CC62-496P-HRR7...

5.4CVSS5.8AI score0.01607EPSS
Exploits0
WPVulnDB
WPVulnDBadded 2022/05/17 12:0 a.m.17 views

Popup Box < 2.2 - Admin+ LFI

The plugin does not properly validate the current tab used before generating a path and using it in an include statement, which could lead to LFI...

7.2CVSS1AI score0.01EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/05/16 3:15 p.m.3 views

CVE-2022-1182

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users such as subscriber, leading to SQL Injections...

8.8CVSS7.8AI score0.01312EPSS
Exploits1References2
OSV
OSVadded 2022/05/16 3:15 p.m.2 views

CVE-2022-1182

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users such as subscriber, leading to SQL Injections...

8.8CVSS7.4AI score0.01312EPSS
Exploits1References1
NVD
NVDadded 2022/05/16 3:15 p.m.19 views

CVE-2022-1182

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users such as subscriber, leading to SQL Injections...

8.8CVSS0.01312EPSS
Exploits1References1
Prion
Prionadded 2022/05/16 3:15 p.m.16 views

Sql injection

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users such as subscriber, leading to SQL Injections...

6.5CVSS8.7AI score0.01312EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/05/16 2:30 p.m.28 views

CVE-2022-1182 Visual Slide Box Builder <= 3.2.9 - Subscriber+ SQLi

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users such as subscriber, leading to SQL Injections...

8.9AI score0.01312EPSS
Exploits1References1
CVE
CVEadded 2022/05/16 2:30 p.m.72 views

CVE-2022-1182

The CVE-2022-1182 entry corresponds to the WordPress Visual Slide Box Builder plugin (versions up to 3.2.9). The vulnerability is due to insufficient sanitisation/escaping of parameters before they are used in SQL statements within several AJAX actions that are accessible to authenticated users (...

8.8CVSS8.8AI score0.01312EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/05/16 1:55 p.m.1 views

CVE-2022-29446

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

7.2CVSS7AI score0.00979EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2022/05/16 12:0 a.m.2 views

WordPress plugin Visual Slide Box Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Visual Slide Box Builder plugin 3.2.9 and earlier versions are vulnerable to SQL injection, which...

8.8CVSS8.1AI score0.01312EPSS
Exploits1References2
Patchstack
Patchstackadded 2022/05/16 12:0 a.m.36 views

WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated Local File Inclusion LFI vulnerability discovered by 0xB9 Patchstack Alliance in WordPress Counter Box plugin versions = 1.1.1. Solution Update the WordPress Counter Box plugin to the latest available version at least 1.2...

7.2CVSS3.6AI score0.00979EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDBadded 2022/05/16 12:0 a.m.14 views

Counter Box < 1.2 - Admin+ LFI

The plugin does not properly validate the current tab used before generating a path and using it in an include statement, which could lead to LFI...

7.2CVSS1.5AI score0.00979EPSS
Exploits0Affected Software1
OSV
OSVadded 2022/05/13 1:31 a.m.13 views

GHSA-QWV2-2X8G-G43G Gem in a Box vulnerable to Cross-site Request Forgery

geminabox aka Gem in a Box before 0.13.7 has CSRF, as demonstrated by an unintended gem upload...

8.8CVSS8.6AI score0.00496EPSS
Exploits1References6
Rows per page
Query Builder