Lucene search
+L

3151 matches found

cve
cve
added 2026/06/04 1:22 p.m.19 views

CVE-2019-25727

The CVE-2019-25727 entry describes an Arbitrary File Download vulnerability in WordPress Plugin ad manager wd 1.0.11. An unauthenticated attacker can target the edit.php endpoint by supplying export=export_csv and a malicious path parameter to read sensitive files accessible to the web server (e....

9.8CVSS5.9AI score0.0046EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/06/04 12:0 a.m.11 views

WordPress plugin ad manager wd 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS5.5AI score0.0046EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.21 views

PT-2026-46197

WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=export csv and a malicious path...

9.8CVSS5.9AI score0.0046EPSS
Exploits0References4
cve
cve
added 2026/06/02 7:48 a.m.23 views

CVE-2025-5085

CVE-2025-5085 affects the WP Nano AD WordPress plugin (versions up to 1.31). It enables Stored Cross-Site Scripting via the blogrole_link parameter due to insufficient input sanitization/escaping. Impact: authenticated attackers with administrator rights can inject scripts that run for users on i...

5.5CVSS6AI score0.00201EPSS
Exploits0References4
snyk
snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview nottuff26 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.13 views

Malicious Package

Overview nottuff10 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview ishowfeet5 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview nottuff2 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.16 views

Malicious Package

Overview nottuff3 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview lowkirkuenly is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview sixseven1 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview kirkland is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview ratelimitsucks10 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview abuden5 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview backupsitetuff9 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.13 views

Malicious Package

Overview abuden216 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.13 views

Malicious Package

Overview imillegal3 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview crazynut is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview imillegal5 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview abuden226 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder