Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/02/28 12:0 a.m.8 views

PT-2026-22480

Name of the Vulnerable Software and Affected Versions wpForo Forum version 2.4.14 Description The software contains an information disclosure issue that allows unauthenticated users to retrieve private and unapproved forum topics. This is possible through the global RSS feed endpoint. When...

6.9CVSS5.9AI score0.00337EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/25 9:32 a.m.4 views

EUVD-2025-35923

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.5.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. Th...

6.3CVSS6AI score0.0024EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/06/27 12:0 a.m.3 views

WordPress plugin WP Forum Server SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

7.6CVSS7.7AI score0.00271EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/02/05 3:8 p.m.8 views

CVE-2020-36706

The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /admin/resources/jscript/ajaxupload/sf-uploader.php file in versions up to, and including, 6.6.0. This makes it possible for attackers to upload arbitrary fil...

9.8CVSS7.8AI score0.01818EPSS
Exploits1References1
NVD
NVDadded 2023/10/20 7:15 a.m.13 views

CVE-2020-36706

The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /admin/resources/jscript/ajaxupload/sf-uploader.php file in versions up to, and including, 6.6.0. This makes it possible for attackers to upload arbitrary fil...

9.8CVSS9.8AI score0.01818EPSS
Exploits1References4
CVE
CVEadded 2023/10/20 6:35 a.m.44 views

CVE-2020-36706

CVE-2020-36706 affects the Simple:Press WordPress Forum Plugin. The issue is missing file type validation in the sf-uploader.php uploader (~/admin/resources/jscript/ajaxupload/sf-uploader.php), allowing arbitrary file uploads in versions up to 6.6.0 and potentially enabling remote code execution ...

9.8CVSS9.6AI score0.01818EPSS
Exploits1References4Affected Software1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.22 views

Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability

No description provided by source. remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik...

7.1AI score
Exploits0
exploitpack
exploitpackadded 2008/01/19 12:0 a.m.16 views

WordPress Plugin WP-Forum 1.7.4 - SQL Injection

WordPress Plugin WP-Forum 1.7.4 - SQL Injection remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google:...

0.8AI score
Exploits0
Rows per page
Query Builder