Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

NVD
NVDadded yesterday8 views

CVE-2026-9187

The Abandoned Contact Form 7 plugin for WordPress is vulnerable to unauthorized arbitrary post deletion in versions up to, and including, 2.2. This is due to a missing capability check and missing nonce validation in the actionremoveabandoned function, which is registered to both the...

5.3CVSS0.00228EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/13 4:26 a.m.9 views

EUVD-2026-29899

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 8.9.0. This is due to a missing ownership verification in the B2SPostTools::deleteUserPublishPost and B2SPostTools::deleteUserSchedPost functions,...

5.4CVSS5.9AI score0.0029EPSS
Exploits0References14
Cvelist
Cvelistadded 2026/04/16 11:21 a.m.24 views

CVE-2026-3155 OneSignal – Web Push Notifications <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Post Meta Deletion via 'post_id'

The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.8.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

3.1CVSS0.00324EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/26 3:15 p.m.3 views

CVE-2026-4573

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/23 6:30 a.m.4 views

EUVD-2026-14363

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References6
NVD
NVDadded 2026/03/23 6:16 a.m.6 views

CVE-2026-4573

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/23 5:1 a.m.3 views

CVE-2026-4573 SourceCodester Simple E-learning System HTTP GET Parameter delete_post.php sql injection

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/23 5:1 a.m.5 views

CVE-2026-4573

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/23 12:0 a.m.5 views

PT-2026-27050

Name of the Vulnerable Software and Affected Versions SourceCodester Simple E-learning System version 1.0 Description A security issue exists in SourceCodester Simple E-learning System 1.0. The issue is related to SQL injection within the /includes/form handlers/delete post.php file, specifically...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References9
CNNVD
CNNVDadded 2026/03/23 12:0 a.m.4 views

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system developed by Carlo Montero. Version 1.0 of Simple E-Learning System has a SQL injection vulnerability. This vulnerability arises from improper handling of the postid parameter in the HTTP GET Parameter Handler component located in the file...

6.5CVSS6.7AI score0.00196EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/02/08 1:3 p.m.18 views

CVE-2026-2083

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

9.8CVSS7.2AI score0.00323EPSS
Exploits1References1
OSV
OSVadded 2026/02/07 11:16 a.m.3 views

CVE-2026-2083

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

9.8CVSS6.9AI score
Exploits0References5
NVD
NVDadded 2026/02/07 11:16 a.m.2 views

CVE-2026-2083

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

9.8CVSS0.00323EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/02/07 10:32 a.m.3 views

CVE-2026-2083 code-projects Social Networking Site delete_post.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

7.5CVSS5.5AI score0.00323EPSS
Exploits1References5
CVE
CVEadded 2026/02/07 10:32 a.m.10 views

CVE-2026-2083

CVE-2026-2083 affects code-projects Social Networking Site 1.0. The flaw is in the unknown function of the file /delete_post.php ; manipulating the ID argument yields an SQL injection . It is remotely exploitable and the exploit has been publicly released. Multiple sources (NVD, Red Hat, CVE list...

9.8CVSS7.2AI score0.00323EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/02/07 10:32 a.m.35 views

CVE-2026-2083 code-projects Social Networking Site delete_post.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

7.5CVSS0.00323EPSS
Exploits1References5
CNNVD
CNNVDadded 2026/02/07 12:0 a.m.3 views

Code-Projects Social Networking Site SQL注入漏洞

Code-Projects Social Networking Site is an open-source social networking site developed by Code-Projects. Version 1.0 of Code-Projects Social Networking Site has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file /deletepost.php, which...

9.8CVSS7.1AI score0.00323EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.7 views

PT-2026-6901

Name of the Vulnerable Software and Affected Versions code-projects Social Networking Site version 1.0 Description A security flaw exists in code-projects Social Networking Site 1.0. The issue is related to SQL injection in an unknown function within the /delete post.php file. Manipulating the ID...

7.5CVSS5.5AI score0.00323EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2026/01/10 12:0 a.m.5 views

PT-2026-1761

Name of the Vulnerable Software and Affected Versions User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin versions prior to 4.4.9 Description The plugin is susceptible to a Cross-Site Request Forgery CSRF issu...

5.4CVSS6.5AI score0.00123EPSS
Exploits0References8
CVE
CVEadded 2026/01/09 7:22 a.m.15 views

CVE-2025-14741

CVE-2025-14741 affects Frontend Admin by DynamiApps (WordPress) up to version 3.28.25. The issue is missing authorization for data deletion via the delete_object path, enabling unauthenticated attackers to delete posts, pages, products, taxonomy terms, and user accounts. Wordfence’s coverage conf...

9.1CVSS5.1AI score0.00353EPSS
Exploits0References2
Rows per page
Query Builder