Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

GithubExploit
GithubExploitadded 5 days ago36 views

Exploit for CVE-2017-20251

CVE-2017-20251: Insert PHP Plugin PHP Code Injection Vulne...

9.8CVSS6.3AI score0.00068EPSS
Exploits1
NVD
NVDadded 5 days ago7 views

CVE-2017-20251

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS0.00068EPSS
Exploits1References3
CVE
CVEadded 5 days ago24 views

CVE-2017-20251

CVE-2017-20251 affects WordPress Insert PHP plugin versions prior to 3.3.1. The vulnerability is a PHP code injection via the REST API, allowing unauthenticated attackers to execute arbitrary PHP by injecting an insert_php shortcode through POST requests to wp-json/wp/v2/posts, enabling remote PH...

9.8CVSS6.1AI score0.00068EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 5 days ago8 views

CVE-2017-20251 WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS6.1AI score0.00068EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/06/05 7:31 p.m.7 views

CVE-2026-6161

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

7.5CVSS6.9AI score0.00043EPSS
Exploits0References1
CVE
CVEadded 2026/05/16 3:26 p.m.7 views

CVE-2021-47956

The connected documents identify CVE-2021-47956 as affecting EgavilanMedia PHPCRUD 1.0 and describe a SQL injection vulnerability allowing unauthenticated attackers to manipulate database queries via the firstname parameter. Exploitation details include sending crafted POST requests to insert.php...

8.8CVSS5.9AI score0.0009EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/13 6:30 a.m.3 views

EUVD-2026-21852

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

5.3CVSS4.1AI score0.00039EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/04/13 4:15 a.m.30 views

CVE-2026-6159 code-projects Simple ChatBox Endpoint insert.php cross site scripting

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

5.3CVSS0.00039EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/03/26 5:3 p.m.1 views

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

9.9CVSS5.8AI score0.00071EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/25 6:31 p.m.4 views

EUVD-2026-15689

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

9.9CVSS5.8AI score0.00071EPSS
Exploits0References2
NVD
NVDadded 2026/03/25 5:16 p.m.3 views

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

9.9CVSS0.00071EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.1 views

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

9.9CVSS5.8AI score0.00071EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 4:14 p.m.26 views

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

9.9CVSS0.00071EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.1 views

PT-2026-27924

Name of the Vulnerable Software and Affected Versions Woody ad snippets versions through 2.7.1 Description A code injection issue exists in Themeisle Woody ad snippets insert-php. The issue involves improper control of code generation, potentially allowing for code injection. The vulnerable...

9.9CVSS6.2AI score0.00071EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/01/07 9:31 a.m.6 views

CVE-2019-16289

The insert-php aka Woody ad snippets plugin before 2.2.8 for WordPress allows authenticated XSS via the winpitem parameter...

5.4CVSS5.8AI score0.00569EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/11/01 12:4 p.m.18 views

CVE-2025-64356

Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...

4.3CVSS7.2AI score0.00053EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/10/31 11:42 a.m.3 views

CVE-2025-64356 WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...

4.3CVSS6.8AI score0.00053EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2019-7087

Malware in sbrugna...

5.4CVSS5.6AI score0.00569EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-16450

Malicious code in bioql PyPI...

4.8CVSS6.1AI score0.00225EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-40167

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00222EPSS
Exploits0References1
Rows per page
Query Builder