Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2026/05/07 12:6 a.m.9 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the SNS HTTP/HTTPS notification endpoints due to missing signature verification. An attacker can cause the application to process arbitrary payloads as legitimate notifications, auto-confi...

6.3CVSS5.9AI score0.00108EPSS
Exploits0References2
NVD
NVDadded 2026/02/27 4:16 a.m.4 views

CVE-2026-2428

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...

7.5CVSS0.00035EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/02/27 12:0 a.m.5 views

PT-2026-22290

Name of the Vulnerable Software and Affected Versions Fluent Forms Pro Add On Pack for WordPress versions through 6.1.17 Description The software contains a flaw related to insufficient verification of data authenticity. Specifically, PayPal IPN Instant Payment Notification verification is disabl...

7.5CVSS5.9AI score0.00035EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/02/14 4:35 a.m.25 views

CVE-2026-0692 BlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation

The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's WCGeolocation::getipaddress function to validate IPN requests, which trusts user-controllable...

7.5CVSS0.00116EPSS
Exploits0References3
OSV
OSVadded 2024/01/24 10:15 a.m.0 views

CVE-2023-43995

An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.4CVSS5.8AI score0.0008EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/01/24 12:0 a.m.2 views

PT-2024-13162 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the Books-futaba mini-app on Line allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploit the system, potentially...

5.4CVSS7.2AI score0.0008EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2023/03/14 12:0 a.m.3 views

PT-2023-1716 · Moxa · Nport 6000 +1

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 NPort 6000 affected versions not specified NPort Windows Driver Manager affected versions not specified Description: An issue in the Cleaning makotoya mini-app on Line allows attackers to send crafted malicious notificatio...

10CVSS5.5AI score0.0008EPSS
Exploits1References8
Rows per page
Query Builder