
7 matches found

CVE
added 2026/01/07 9:21 a.m. · 15 views

CVE-2025-13419

CVE-2025-13419 affects the WordPress plugin Guest posting / Frontend Posting / Front Editor – WP Front User Submit. The issue is a missing capability check on the /wp-json/bfe/v1/revert REST endpoint, present in all versions up to 5.0.0, allowing unauthenticated attackers to delete arbitrary medi...

5.3 CVSS · 5.1 AI score · 0.00115 EPSS
Exploits 0 · References 2
GithubExploit
added 2025/09/10 12:20 a.m. · 315 views

Exploit for Authentication Bypass by Primary Weakness in Crushftp

CVE-2025-31161 - CrushFTP Authentication Bypass Exploit PoC...

9.8 CVSS · 7.3 AI score · 0.88937 EPSS
Exploits 20
CVE
added 2025/08/16 3:38 a.m. · 17 views

CVE-2025-7664

CVE-2025-7664 — WordPress AL Pack plugin is vulnerable due to a missing capability check in the check_activate_permission() callback for the REST API endpoint /wp-json/presslearn/v1/activate. The vulnerability allows unauthenticated attackers to activate premium features by spoofing the Origin he...

7.5 CVSS · 5.9 AI score · 0.00272 EPSS
Exploits 0 · References 4
CNNVD
added 2025/05/21 12:0 a.m. · 2 views

Meteobridge Security Vulnerability

Meteobridge is a small device from Meteobridge that connects personal weather stations to public weather networks. A security vulnerability exists in Meteobridge that stems from a command injection vulnerability in the web interface endpoint that could allow an unauthenticated, remote attacker to...

8.8 CVSS · 8.2 AI score · 0.43919 EPSS
Exploits 3 · References 2
Positive Technologies
added 2023/12/24 12:0 a.m. · 8 views

PT-2023-32867 · Uniway · Uniway Uw-302Vp

Name of the Vulnerable Software and Affected Versions: Uniway UW-302VP version 2.0
Description: A vulnerability was found in the Admin Web Interface of Uniway UW-302VP, affecting the processing of the file /boaform/wlan basic set.cgi. The manipulation of the wlanssid/password argument leads to...

5 CVSS · 4.8 AI score · 0.00158 EPSS
Exploits 1 · References 9
Positive Technologies
added 2023/10/02 12:0 a.m. · 17 views

PT-2023-32048 · Field Logic · Field Logic Datacube4

Name of the Vulnerable Software and Affected Versions: Field Logic DataCube4 up to 20231001
Description: A problematic issue was found in the Web API component, affecting unknown code of the file /api/. This leads to improper authentication. The exploit has been disclosed to the public and may be...

7.5 CVSS · 5.3 AI score · 0.00166 EPSS
Exploits 0 · References 6
OSV
added 2019/03/28 1:29 a.m. · 3 views

CVE-2019-1754

A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged level 1, remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper validation of user privileges of web UI users. An attacker...

8.8 CVSS · 6.1 AI score · 0.0055 EPSS
Exploits 0 · References 2