Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2026/04/04 12:0 a.m.2 views

MyBB Like Plugin 跨站脚本漏洞

MyBB Like Plugin is an extension for forums developed by MyBB Corporation. Version 3.0.0 of MyBB Like Plugin contains a cross-site scripting vulnerability. This vulnerability arises from the lack of validation of topic content when posts or topics are created, which may allow attackers to inject...

6.1CVSS5.6AI score0.00037EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/11/04 4:27 a.m.4 views

CVE-2025-12156 Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One 2.0.7 - 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation

The Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savepostdata function in versions 2.0.7 to 2.2.6. This makes it possible for authenticated attackers, with...

4.3CVSS0.00038EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/10/24 12:0 a.m.3 views

PT-2025-43593

Name of the Vulnerable Software and Affected Versions Quickcreator – AI Blog Writer plugin for WordPress versions 0.0.9 through 0.1.17 Description The Quickcreator – AI Blog Writer plugin for WordPress is susceptible to exposure of sensitive information. An unauthenticated attacker can access the...

7.5CVSS5.6AI score0.00082EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-51473

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00073EPSS
Exploits1References1
CVE
CVEadded 2025/05/27 1:48 a.m.58 views

CVE-2025-4683

CVE-2025-4683 affects the WordPress plugin “MStore API – Create Native Android & iOS Apps On The Cloud” up to and including version 4.17.5. The root cause is a missing capability check in the create_blog function, enabling authenticated attackers with Subscriber-level access and above to create n...

4.3CVSS4.1AI score0.00205EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2024/02/28 12:0 a.m.3 views

PT-2024-18106 · WordPress · Wp Ecommerce

Name of the Vulnerable Software and Affected Versions: WP eCommerce plugin for WordPress versions up to, and including, 3.15.1 Description: The issue is related to unauthorized arbitrary post creation due to a missing capability check on the check for saas push function. This allows unauthenticat...

5.3CVSS9.5AI score0.00231EPSS
Exploits0References8
CNNVD
CNNVDadded 2023/01/19 12:0 a.m.2 views

Ghost Foundation Ghost 安全漏洞

Ghost Foundation Ghost is a Ghost open source personal blogging system written in JavaScript. A security vulnerability exists in Ghost Foundation Ghost 5.9.4, which stems from an insecure default vulnerability in the post creation feature of Ghost Foundation Ghost 5.9.4. The default installation ...

9CVSS7.3AI score0.00582EPSS
Exploits1References3
Rows per page
Query Builder