Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/03/13 1:18 a.m.5 views

CVE-2026-22202

wpDiscuz before 7.6.47 is affected by a cross-site request forgery that lets an attacker delete all comments for a target email by triggering a crafted GET request containing a valid HMAC key. The attacker can embed the deletecomments action URL in image tags or other resources to cause permanent...

8.1CVSS5.7AI score0.00026EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/03/13 1:18 a.m.27 views

CVE-2026-22202 wpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by Email

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to...

8.1CVSS0.00026EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/12/26 12:0 a.m.1 views

PT-2022-26504 · WordPress · Bulk Delete Users By Email

Name of the Vulnerable Software and Affected Versions: Bulk Delete Users by Email WordPress plugin versions 1.2 and earlier Description: The issue concerns a lack of CSRF check when deleting users, which could allow attackers to make a logged-in admin delete non-admin users by knowing their email...

6.5CVSS6.2AI score0.00097EPSS
Exploits1References4
Rows per page
Query Builder