Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

83 matches found

CVE
CVEadded 2026/06/16 9:4 a.m.21 views

CVE-2026-49772

CVE-2026-49772 affects WordPress plugin The Events Calendar (Liquid Web / StellarWP) versions 6.15.12–6.16.2. The issue is an SQL Injection due to improper neutralization of special elements, enabling blind SQL injection. CVSS 3.1 base score 9.3 (CRITICAL) with AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...

9.3CVSS5.6AI score0.00229EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:14 p.m.7 views

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.4AI score0.00267EPSS
Exploits0References1
NVD
NVDadded 2026/06/02 4:16 p.m.11 views

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS0.00267EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/02 3:7 p.m.7 views

EUVD-2026-33948

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 3:7 p.m.6 views

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/02 12:0 a.m.12 views

PT-2026-45779

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/01 12:0 a.m.14 views

PT-2026-45465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/01/09 3:55 a.m.7 views

WordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin The Events Calendar versions = 6.15.12.2...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/10/31 3:25 a.m.6 views

WordPress The Events Calendar plugin <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Draft Event Title/QR Code Exposure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin The Events Calendar versions = 6.15.9...

4.3CVSS6.9AI score0.00199EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-24228

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00222EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-36426

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00558EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-27759

Malicious code in bioql PyPI...

5.4CVSS9AI score0.00389EPSS
Exploits0References1
Snyk
Snykadded 2025/09/11 3:35 a.m.3 views

Malicious Package

Overview @liquid-web/mileage is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snykadded 2025/09/11 3:35 a.m.1 views

Malicious Package

Overview @liquid-web/core-services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.4 views

Malicious code in @liquid-web/mileage (npm)

The package @liquid-web/mileage was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8574d7642f0f1a5d62c5aec640322437ffa389e114e7cdbcf7834417d9bdab8b Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References3
OSV
OSVadded 2025/09/11 3:35 a.m.2 views

MAL-2025-47037 Malicious code in @liquid-web/mileage (npm)

The package @liquid-web/mileage was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8574d7642f0f1a5d62c5aec640322437ffa389e114e7cdbcf7834417d9bdab8b Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.4 views

Malicious code in @liquid-web/common (npm)

The package @liquid-web/common was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2152309995aeb57c2d293acf6ebb54fdc8e47239ba56a4b742bd00743a7468a5 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.3 views

Malicious code in @liquid-web/utils (npm)

The package @liquid-web/utils was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02e29a386f30eacfd4a3e7023262f0bb759557fb0a41790632720ff54b920a8d Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References4
Snyk
Snykadded 2025/09/11 3:35 a.m.2 views

Malicious Package

Overview @liquid-web/utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snykadded 2025/09/11 3:35 a.m.1 views

Malicious Package

Overview @liquid-web/common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder