Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

528 matches found

Vulnrichment
Vulnrichmentadded 2026/06/10 6:0 a.m.7 views

CVE-2026-8071 Spam protection, Honeypot, Anti-Spam by CleanTalk < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass

The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user...

5.7AI score0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/03 12:0 a.m.12 views

PT-2026-46082

This module provides spam protection using the CleanTalk cloud service. The module doesn't sufficiently sanitize API response messages before rendering them in HTML output. The cleantalk die and ct die functions output the CleanTalk API response message directly into HTML without proper...

5.9AI score
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/02 6:0 a.m.1 views

CVE-2026-1540 Spam Protect for Contact Form 7 < 1.2.10 - Editor+ Remote Code Execution

The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted header...

6AI score0.00639EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/04/02 12:0 a.m.6 views

WordPress plugin Spam Protect for Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS6.2AI score0.00639EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:9 p.m.4 views

CVE-2026-33393

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the allowedspamhostdomains check used Stringendwith? without domain boundary validation, allowing domains like attacker-example.com to bypass spam protection when example.com was...

4.3CVSS5.8AI score0.00251EPSS
Exploits0References1
NVD
NVDadded 2026/03/25 5:17 p.m.9 views

CVE-2026-32496

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue affects Spam Protect for Contact Form 7: from n/a through = 1.2.9...

6.8CVSS0.00364EPSS
Exploits0References1
NVD
NVDadded 2026/03/19 10:16 p.m.3 views

CVE-2026-33393

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the allowedspamhostdomains check used Stringendwith? without domain boundary validation, allowing domains like attacker-example.com to bypass spam protection when example.com was...

4.3CVSS0.00251EPSS
Exploits0References4
EUVD
EUVDadded 2026/03/19 10:4 p.m.2 views

EUVD-2026-13338

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the allowedspamhostdomains check used Stringendwith? without domain boundary validation, allowing domains like attacker-example.com to bypass spam protection when example.com was...

4.3CVSS5.8AI score0.00251EPSS
Exploits0References4
OSV
OSVadded 2026/03/19 10:4 p.m.4 views

CVE-2026-33393 Discourse fixes loose hostname matching in spam host allowlist

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the allowedspamhostdomains check used Stringendwith? without domain boundary validation, allowing domains like attacker-example.com to bypass spam protection when example.com was...

4.3CVSS5.9AI score0.00251EPSS
Exploits0References6
CVE
CVEadded 2026/03/19 10:4 p.m.9 views

CVE-2026-33393

Discourse contains a vulnerability in the spam protection check for allowed_spam_host_domains. Before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the check used String#end_with? without domain boundary validation, permitting a suffix-bypass such as attacker-example.com when example.com wa...

4.3CVSS5.8AI score0.00251EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/02/15 4:15 a.m.11 views

CVE-2026-1490

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS PTR record spoofing on the 'checkWithoutToken' function in all versions up to, and including, 6.71. This makes it...

9.8CVSS0.01157EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/02/15 12:0 a.m.8 views

WordPress plugin Spam protection, Anti-Spam, FireWall by CleanTalk 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS6.1AI score0.01157EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2008-0217

Malware in sbrugna...

4.3CVSS6.4AI score0.01885EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2008-6650

Malware in sbrugna...

7.5CVSS6.4AI score0.01359EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2008-0216

Malware in sbrugna...

4.3CVSS6.4AI score0.01854EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.8 views

EUVD-2024-33455

Malicious code in bioql PyPI...

8.1CVSS9.6AI score0.03824EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2023-12820

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00498EPSS
Exploits2References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-17278

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0014EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-38120

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00539EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-17072

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00166EPSS
Exploits0References5
Rows per page
Query Builder