Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

203 matches found

Vulnrichment
Vulnrichmentadded 2025/02/26 1:21 p.m.3 views

CVE-2025-26925 WordPress Admin Menu Manager plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Required Admin Menu Manager allows Cross Site Request Forgery.This issue affects Admin Menu Manager: from n/a through 1.0.3...

4.3CVSS8.5AI score0.0016EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/02/26 1:17 p.m.2 views

WordPress Admin Menu Manager plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Admin Menu Manager versions = 1.0.3...

4.3CVSS7AI score0.0016EPSS
Exploits0Affected Software1
CNNVD
CNNVDadded 2025/02/26 12:0 a.m.2 views

WordPress plugin Admin Menu Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS8.3AI score0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/02/26 12:0 a.m.2 views

PT-2025-8693 · Unknown · Admin Menu Manager

Name of the Vulnerable Software and Affected Versions: Admin Menu Manager versions 1.0.3 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

4.3CVSS9.4AI score0.0016EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/01/24 3:31 p.m.18 views

CVE-2025-0698 JoeyBling bootplus list sql injection

A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been classified as critical. Affected is an unknown function of the file /admin/sys/menu/list. The manipulation of the argument sort/order leads to sql injection. It is possible to launch the...

6.5CVSS0.0039EPSS
Exploits0References5
CVE
CVEadded 2025/01/24 3:31 p.m.45 views

CVE-2025-0698

CVE-2025-0698 affects JoeyBling bootplus, with a SQL injection in the internal endpoint /admin/sys/menu/list caused by manipulating the sort/order parameter. The vulnerability is exploitable remotely and has publicly disclosed exploits. Affected is an unknown function within the file; no version ...

8.8CVSS7.3AI score0.0039EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2025/01/24 12:0 a.m.4 views

PT-2025-4007 · Joeybling · Bootplus

Name of the Vulnerable Software and Affected Versions: JoeyBling bootplus versions up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d Description: A critical issue has been found, allowing for remote SQL injection. The manipulation of the sort/order argument in an unknown function of the file...

6.5CVSS7.1AI score0.0039EPSS
Exploits0References9
ATTACKERKB
ATTACKERKBadded 2025/01/22 3:15 p.m.2 views

CVE-2025-23686

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpdevca Admin Menu Organizer admin-menu-organizer allows Reflected XSS.This issue affects Admin Menu Organizer: from n/a through = 1.0.1...

7.1CVSS7.2AI score0.00361EPSS
Exploits0References3
NVD
NVDadded 2025/01/22 3:15 p.m.3 views

CVE-2025-23686

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpdevca Admin Menu Organizer admin-menu-organizer allows Reflected XSS.This issue affects Admin Menu Organizer: from n/a through = 1.0.1...

7.1CVSS0.00361EPSS
Exploits0References1
CVE
CVEadded 2025/01/22 2:29 p.m.45 views

CVE-2025-23686

CVE-2025-23686 is a reported Reflected Cross-Site Scripting in the WordPress plugin Admin Menu Organizer , affecting versions from n/a up to 1.0.1 . The connected Red Hat and vulnerability catalog entries repeat the description but do not provide technical specifics such as vulnerable vectors, ro...

7.1CVSS7.2AI score0.00361EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/22 2:29 p.m.6 views

CVE-2025-23686 WordPress Admin Menu Organizer plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Callum Richards Admin Menu Organizer allows Reflected XSS. This issue affects Admin Menu Organizer: from n/a through 1.0.1...

7.1CVSS7AI score0.00361EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/22 2:29 p.m.13 views

CVE-2025-23686 WordPress Admin Menu Organizer plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpdevca Admin Menu Organizer admin-menu-organizer allows Reflected XSS.This issue affects Admin Menu Organizer: from n/a through = 1.0.1...

7.1CVSS0.00361EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/01/22 12:0 a.m.2 views

WordPress plugin Admin Menu Organizer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.8AI score0.00361EPSS
Exploits0References2
Patchstack
Patchstackadded 2025/01/16 6:42 p.m.1 views

WordPress Admin Menu Organizer plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Zlrqh in WordPress Plugin Admin Menu Organizer versions = 1.0.1...

7.1CVSS6.1AI score0.00361EPSS
Exploits0Affected Software1
Snyk
Snykadded 2024/12/28 12:30 a.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the admin/auth/menu and /admin/auth/extensions components due to improper user input sanitization. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicio...

4.8CVSS5.3AI score0.00259EPSS
Exploits1References2
CNNVD
CNNVDadded 2024/12/27 12:0 a.m.4 views

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua. A security vulnerability exists in Dcat Admin v2.2.0-beta and v2.2.2-beta, which was discovered to contain a cross-site scripting vulnerability via /admin/auth/menu and...

4.8CVSS6AI score0.00259EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/12/27 12:0 a.m.11 views

CVE-2024-54775

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

5.9AI score0.00259EPSS
Exploits1References1
NVD
NVDadded 2024/11/09 2:15 p.m.6 views

CVE-2024-51618

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Admin Menu custom-admin-menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through = 1.0.0...

6.5CVSS0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/11/09 2:0 p.m.14 views

CVE-2024-51618 WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Admin Menu custom-admin-menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through = 1.0.0...

6.5CVSS5.9AI score0.00238EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/11/09 12:0 a.m.2 views

WordPress plugin Custom Admin Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS5.9AI score0.00238EPSS
Exploits0References1
Rows per page
Query Builder