Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Patchstack
Patchstackadded 2024/04/15 12:43 p.m.2 views

WordPress Smart Forms plugin < 2.6.94 - Edit Entries via CSRF vulnerability

Edit Entries via CSRF vulnerability discovered by Amir Hossein Fallahi in WordPress Plugin Smart Forms versions 2.6.94...

5.4CVSS7AI score0.00255EPSS
Exploits2References1Affected Software1
wpexploit
wpexploitadded 2024/03/25 12:0 a.m.136 views

Smart Forms < 2.6.94 - Edit Entries via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk. CSRF PoC CSRF PoC input type="hidden" name="elementOptions"...

6.8AI score0.00255EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2008/09/08 12:0 a.m.23 views

Simple PHP Blog config/users.php Arbitrary User Password Hash Disclosure

The version of Simple PHP Blog installed on the remote host allows an unauthenticated, remote attacker to retrieve information about non-admin users defined to the application, including their user names and password hashes, which could in turn be used to gain access to the application. While the...

6.1AI score
Exploits0
Rows per page
Query Builder