Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

646 matches found

RedhatCVE
RedhatCVEadded 2025/11/01 8:9 a.m.4 views

CVE-2025-10897

The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...

8.6CVSS6.2AI score0.16252EPSS
Exploits0References1
NVD
NVDadded 2025/10/31 8:15 a.m.3 views

CVE-2025-10897

The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...

8.6CVSS0.16252EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/31 7:26 a.m.2 views

EUVD-2025-37310

The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...

8.6CVSS5.7AI score0.16252EPSS
Exploits0References3
CVE
CVEadded 2025/10/31 7:26 a.m.10 views

CVE-2025-10897

The CVE-2025-10897 vulnerability affects the WooCommerce Designer Pro plugin for WordPress (versions up to and including 1.9.28). It allows unauthenticated arbitrary file reads, enabling an attacker to read server files such as wp-config.php and potentially exposed database credentials. Wordfence...

8.6CVSS5.8AI score0.16252EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/31 7:26 a.m.153 views

CVE-2025-10897 WooCommerce Designer Pro <= 1.9.28 - Unauthenticated Arbitrary File Read

The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...

8.6CVSS0.16252EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/10/31 12:0 a.m.2 views

PT-2025-44583

Name of the Vulnerable Software and Affected Versions WordPress User Extra Fields versions up to and including 16.7 Description The WordPress User Extra Fields plugin is susceptible to arbitrary file deletion. This is due to inadequate file path validation within the save fields function...

8.8CVSS7.6AI score0.00702EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2025/10/31 12:0 a.m.1 views

PT-2025-44586

Name of the Vulnerable Software and Affected Versions WooCommerce Designer Pro versions up to and including 1.9.28 Description The WooCommerce Designer Pro theme for WordPress is susceptible to an arbitrary file read issue. This allows unauthenticated attackers to read arbitrary files on the...

8.6CVSS5.9AI score0.16252EPSS
Exploits0References10
NVD
NVDadded 2025/10/09 6:15 a.m.3 views

CVE-2025-7526

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion via renaming due to insufficient file path validation in the setuserprofileimage function in all versions up to, and including, 6.6.7. This makes it possible for...

9.8CVSS0.02224EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2025/10/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2016-10960

The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter...

8.8CVSS6.4AI score0.71112EPSS
In wildExploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2005-4209

Malware in sbrugna...

5CVSS6.4AI score0.01041EPSS
Exploits1References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2006-1133

Malware in sbrugna...

7.5CVSS6.4AI score0.03765EPSS
Exploits1References10
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-8571

Malware in sbrugna...

9.8CVSS9.5AI score0.01141EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-14420

Malware in sbrugna...

9.8CVSS9.4AI score0.03282EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-5886

Malware in sbrugna...

9.8CVSS9.5AI score0.00477EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-4189

Malware in sbrugna...

7.5CVSS6.4AI score0.07602EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2005-4680

Malware in sbrugna...

5CVSS6.4AI score0.00365EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-3299

Malware in sbrugna...

7.5CVSS6.4AI score0.01502EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-10775

Malware in sbrugna...

6.1CVSS6.3AI score0.00328EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2006-2869

Malware in sbrugna...

7.5CVSS6.4AI score0.00911EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2014-5334

Malware in sbrugna...

2.1CVSS5.3AI score0.00048EPSS
Exploits0References7
Rows per page
Query Builder