
8 matches found

CVE
added 2026/05/29 7:46 a.m., 15 views

CVE-2026-10039

The CVE-2026-10039 entry concerns the WordPress plugin Frontend Admin by DynamiApps. Affected versions up to and including 3.28.28 are vulnerable to a generic SQL Injection via the 'order' parameter due to insufficient escaping of user input and inadequate preparation of the existing SQL query. A...

CVSS 4.9, AI score 6, EPSS 0.00036
Exploits: 0, References: 6

CNNVD
added 2026/01/09 12:0 a.m., 2 views

WordPress plugin Frontend Admin by DynamiApps security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...

CVSS 9.8, AI score 6.7, EPSS 0.0004
Exploits: 1, References: 2

OSV
added 2025/11/05 5:15 p.m., 1 views

CVE-2025-43990

Dell Command Monitor (DCM), versions prior to 10.12.3.28, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

CVSS 7.8, AI score 5.8
Exploits: 0, References: 1

Positive Technologies
added 2025/09/22 12:0 a.m., 3 views

PT-2025-39060

Name of the Vulnerable Software and Affected Versions: David Lingren Media Library Assistant versions through 3.28. Description: The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for the injection...

CVSS 5.9, AI score 6.5, EPSS 0.00039
Exploits: 0, References: 3

Vulnrichment
added 2024/12/09 11:31 a.m., 8 views

CVE-2023-28168 WordPress WordPress Console plugin <= 0.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Console: from n/a through 0.3.9...

CVSS 3.7, AI score 8, EPSS 0.00149
Exploits: 0, References: 1

Microsoft CVE
added 2023/05/29 7:0 a.m., 2 views

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.

...

CVSS 7.5, AI score 6.7, EPSS 0.00185
Exploits: 0

SUSE CVE
added 2023/02/15 5:2 a.m., 1 views

SUSE CVE-2016-4433

Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request...

CVSS 7.5, AI score 7, EPSS 0.03516
Exploits: 0, References: 3

OSV
added 2017/04/24 7:59 p.m., 2 views

AZL-34924 CVE-2017-3615 affecting package libdb for versions less than 5.3.28-7

Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks...

CVSS 7, AI score 7, EPSS 0.00865
Exploits: 0, References: 1