
7 matches found

CNNVD
added 2025/01/24 12:0 a.m. · 5 views

WordPress plugin Premium Packages SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 7.6 · AI score 9 · EPSS 0.02157
Exploits 1 · References 2
Positive Technologies
added 2024/12/18 12:0 a.m. · 7 views

PT-2025-5480 · WordPress · Wordpress Download Manager Premium Packages

Name of the Vulnerable Software and Affected Versions: WordPress Download Manager Premium Packages versions n/a through 5.9.6 Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQL Command. This allows for...

CVSS 7.6 · AI score 8 · EPSS 0.02157
Exploits 1 · References 5
Patchstack
added 2024/11/06 8:56 p.m. · 2 views

WordPress Event Post plugin <= 5.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Event post versions = 5.9.6...

CVSS 6.4 · AI score 5.7 · EPSS 0.00391
Exploits 0 · References 1 · Affected Software 1
CVE
added 2024/11/06 12:43 p.m. · 47 views

CVE-2024-10186

CVE-2024-10186 affects the WordPress Event post plugin. Reported as Stored XSS via the events_cal shortcode, due to insufficient input sanitization/output escaping for user-supplied attributes. Vulnerable in all versions up to 5.9.6; requires authentication (contributor-level or higher) to inject...

CVSS 6.4 · AI score 5.4 · EPSS 0.00391
Exploits 0 · References 3 · Affected Software 1
OSV
added 2024/05/13 6:0 p.m. · 0 views

UBUNTU-CVE-2022-4967

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...

CVSS 7.7 · AI score 5.7 · EPSS 0.00047
Exploits 0 · References 4
Tenable Nessus
added 2023/10/20 12:0 a.m. · 106 views

Amazon Linux 2 : oniguruma (ALAS-2023-2311)

The version of oniguruma installed on the remote host is prior to 5.9.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2311 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through...

CVSS 9.8 · AI score 7.4 · EPSS 0.01242
Exploits 4 · References 10
OpenVAS
added 2022/05/03 12:0 a.m. · 18 views

Zoom Client < 5.9.6 Package Update Vulnerability (ZSB-22003) - Mac OS X

The Zoom Client is prone to a package update vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoom:zoom";...

CVSS 7.5 · AI score 7.6 · EPSS 0.00112
Exploits 0 · References 1