Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/04/08 8:30 a.m.17 views

CVE-2026-39571 WordPress Instantio plugin <= 3.3.30 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through = 3.3.30...

5.3CVSS0.00039EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/08 8:30 a.m.1 views

CVE-2026-39571 WordPress Instantio plugin <= 3.3.30 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through = 3.3.30...

5.3CVSS5.8AI score0.00039EPSS
Exploits0References1
CVE
CVEadded 2026/04/08 8:30 a.m.3 views

CVE-2026-39571

The CVE-2026-39571 entry relates to the WordPress Instantio plugin (versions &lt;= 3.3.30). Affected component: Instantio plugin for WordPress; vulnerability type: Exposure of Sensitive System Information to an Unauthorized Control Sphere, enabling retrieval of embedded sensitive data. Root cause...

5.3CVSS5.9AI score0.00039EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/03/25 8:34 a.m.3 views

WordPress Instantio plugin <= 3.3.30 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Instantio versions = 3.3.30...

5.3CVSS5.9AI score0.00039EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/11/10 1:26 a.m.6 views

WordPress Download Manager plugin <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key vulnerability

Unauthenticated Cron Trigger due to Hardcoded Cron Key vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Download Manager versions = 3.3.30...

5.3CVSS6.7AI score0.00153EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2025/11/08 4:15 a.m.2 views

CVE-2025-12177

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

5.3CVSS0.00153EPSS
Exploits0References2
CVE
CVEadded 2025/11/08 3:27 a.m.10 views

CVE-2025-12177

CVE-2025-12177 affects the WordPress Download Manager plugin (versions ≤ 3.3.30). The root cause is a hardcoded Cron key that enables unauthenticated triggering of deleteExpired() and clearTempDataCPCron(). This can lead to deletion of expired posts and clearing of cache. The vulnerability is con...

5.3CVSS5.7AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/11/08 3:27 a.m.5 views

CVE-2025-12177 Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

5.3CVSS0.00153EPSS
Exploits0References2
Rows per page
Query Builder