Lucene search
K

3674 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45666

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including raw social...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 3:16 p.m.20 views

CVE-2026-49059

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0...

4.7CVSS0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 2:33 p.m.9 views

EUVD-2026-32529

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0...

4.7CVSS5.8AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 2:33 p.m.41 views

CVE-2026-49059 WordPress Facebook for WooCommerce plugin <= 3.7.0 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0...

4.7CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 2:33 p.m.9 views

CVE-2026-49059 WordPress Facebook for WooCommerce plugin <= 3.7.0 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0...

4.7CVSS5.8AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 2:33 p.m.24 views

CVE-2026-49059

CVE-2026-49059 : Open Redirect vulnerability in WordPress Facebook for WooCommerce plugin (

4.7CVSS5.8AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 2:30 p.m.12 views

WordPress Facebook for WooCommerce plugin <= 3.7.0 - Open Redirection vulnerability

Open Redirection vulnerability discovered by timomangcut in WordPress Plugin Facebook for WooCommerce versions = 3.7.0...

4.7CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Facebook for WooCommerce 输入验证错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.7CVSS5.8AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-44029

Name of the Vulnerable Software and Affected Versions Facebook for WooCommerce versions prior to 3.7.1 Description An Open Redirect issue exists, which is a type of vulnerability that allows an application to redirect a user to an untrusted external site. This can be leveraged to facilitate...

4.7CVSS5.8AI score0.00231EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 8:31 a.m.10 views

Malicious code in kurumi-fca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f90450e6ca1502bf6287d945c37c4c64f59e624a4269ab8e07600a9db5e755d0 kurumi-fca is a Facebook Chat API library whose advertised purpose is to listen to Messenger events for the caller. Two undisclosed behaviors make it...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/22 4:35 a.m.13 views

MAL-2026-4363 Malicious code in @asura21232/fca-unofficial-nextgen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30540a72a722c901403164aeb090ca99999d3be2cc4d9e9f3ad99ef319fc2db2 This package presents itself as an unofficial Facebook Messenger client library, but its exported authentication helpers loginViaAPI, tokensViaAPI,...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions up to 3.2.7, the Facebook Zero Protocol also known as FBZERO dissector could enter an infinite loop. This issue was addressed in the epan/dissectors/packet-fbzero.c file by correcting the implementation of offset advancement...

7.5CVSS7.4AI score0.03116EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 1:4 a.m.9 views

MAL-2026-4559 Malicious code in fca-eryxenx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7569b032ce4e06251ebfe06b4fc124689f20ca0a7e14b5b2395dc7295bfa18c6 The package's documented login API — loginemail, password, twofactor — POSTs the caller's Facebook email, password, and 2FA secret to...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 1:4 a.m.11 views

Malicious code in fca-eryxenx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7569b032ce4e06251ebfe06b4fc124689f20ca0a7e14b5b2395dc7295bfa18c6 The package's documented login API — loginemail, password, twofactor — POSTs the caller's Facebook email, password, and 2FA secret to...

5.8AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/05/19 12:46 p.m.16 views

Facebook scam promises cheap Aldi meat boxes, steals payment info instead

Sometimes you spot posts on social media that make you wonder if any moderation takes place at all. Which is concerning, because two- thirds of all online shopping scams now start on Facebook and Instagram. Online shopping scams are alarmingly common and have become one of the most frequently...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/18 1:51 a.m.21 views

AI is distorting the Holocaust (Lock and Code S07E10)

This week on the Lock and Code podcast … In May of last year, a warning about AI came from somewhere unexpected: The Auschwitz-Birkenau State Museum. Posting publicly on social media, the museum warned about a Facebook account using generative AI to create fake images of people who died in the...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/11 7:4 a.m.12 views

A week in security (May 4 &#8211; May 10)

Last week on Malwarebytes Labs: Microsoft says Edge’s plaintext password behavior is "by design" ShinyHunters escalates Canvas attacks with school login defacements Massive AI investment scam network spans 15,500 domains If a fake moustache can fool age checks, is the Online Safety Act working?...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/04 11:41 a.m.12 views

Thousands of Facebook accounts stolen by phishing emails sent through Google

Researchers have uncovered a long-running phishing operation that abuses trusted Google services to hijack tens of thousands of Facebook accounts. The compromised Facebook accounts are mainly business and advertiser profiles, which criminals can monetize after gaining access and control. The...

5.7AI score
Exploits0
HackRead
HackRead
added 2026/05/02 6:7 p.m.25 views

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/01 6:9 p.m.9 views

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back...

5.8AI score
Exploits0
Rows per page
Query Builder