9 matches found

EUVD
added 2026/05/13 1:27 p.m. | 4 views

EUVD-2026-29954

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...

7.1 CVSS | 5.8 AI score | 0.0003 EPSS
Exploits: 0 | References: 4
RedhatCVE
added 2026/01/07 9:19 a.m. | 1 views

CVE-2024-2233

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group...

6.3 CVSS | 6.7 AI score | 0.0009 EPSS
Exploits: 2 | References: 1
CNNVD
added 2025/07/10 12:00 a.m. | 1 views

GitLab Enterprise Edition Security Vulnerability

GitLab Enterprise Edition EE is a content management system from the U.S.-based GitLab, Inc. A security vulnerability exists in GitLab Enterprise Edition versions prior to 18.0 through 18.0.4 and 18.1 through 18.1.2, which stems from an authenticated user potentially bypassing group-level user...

2.7 CVSS | 6.3 AI score | 0.00067 EPSS
Exploits: 0 | References: 4
RedhatCVE
added 2025/05/22 8:13 p.m. | 0 views

CVE-2021-39875

In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint...

5.3 CVSS | 6.1 AI score | 0.00299 EPSS
Exploits: 0 | References: 1
OSV
added 2024/07/03 6:15 a.m. | 1 views

CVE-2024-2233

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group...

4.3 CVSS | 5.8 AI score | 0.0009 EPSS
Exploits: 2 | References: 1
CVE
added 2024/07/03 6:00 a.m. | 60 views

CVE-2024-2233

Affected software/impact: Himer WordPress theme prior to 2.1.1 contains CSRF vulnerabilities in group-management actions (e.g., declining/accepting invitations, leaving a group). The root cause is missing CSRF checks in certain areas, enabling logged-in users to be targeted via CSRF attacks. Vers...

6.3 CVSS | 4.5 AI score | 0.0009 EPSS
Exploits: 2 | References: 1 | Affected Software: 1
Positive Technologies
added 2024/07/03 12:00 a.m. | 3 views

PT-2024-19343 · Himer · Himer

Name of the Vulnerable Software and Affected Versions: Himer WordPress theme versions prior to 2.1.1 Description: The issue concerns the lack of CSRF checks in certain areas, allowing attackers to perform unwanted actions on logged-in users through CSRF attacks. This includes actions such as...

6.3 CVSS | 7.3 AI score | 0.0009 EPSS
Exploits: 2 | References: 4
Debian CVE
added 2021/10/05 12:28 p.m. | 24 views

CVE-2021-39875

Removed by vendor...

5.3 CVSS | 6 AI score | 0.00299 EPSS
Exploits: 0
CNVD
added 2017/10/20 12:00 a.m. | 1 views

Octopus Deploy Elevation of Privilege Vulnerability

Octopus is an automated tool for development and deployment of .NET from Octopus Deploy Australia. A security vulnerability exists in versions of Octopus prior to 3.17.7. An attacker could exploit the vulnerability to invite users to groups with elevated privileges...

6.5 CVSS | 6.5 AI score | 0.00141 EPSS
Exploits: 0 | References: 1