Lucene search
K

1840 matches found

CVE
CVE
added 2026/05/12 11:2 a.m.14 views

CVE-2026-45210

Broadstreet Ads WordPress plugin

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:2 a.m.44 views

CVE-2026-45210 WordPress Broadstreet Ads plugin <= 1.52.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 11:2 a.m.13 views

CVE-2026-45210

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

WordPress plugin MonsterInsights – Google Analytics Dashboard for WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.1CVSS5.8AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

WordPress plugin Broadstreet Ads 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40465

Name of the Vulnerable Software and Affected Versions MonsterInsights – Google Analytics Dashboard for WordPress versions prior to 10.1.3 Description Missing capability checks in the get ads access token and reset experience functions allow authenticated attackers with Subscriber-level access or...

7.1CVSS5.8AI score0.00349EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40010

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 3:32 p.m.9 views

EUVD-2026-27826

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

5.4CVSS6.2AI score0.00202EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 2:16 p.m.12 views

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

5.4CVSS0.00202EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 12:0 a.m.19 views

CVE-2026-36358

CVE-2026-36358 is a Cross Site Scripting vulnerability in Juzaweb CMS v5.0.0. The issue allows a remote attacker to execute arbitrary code via a crafted script submitted to the Add Banner Ads function. Connected documents confirm the same description across NVD, CVE List, and related feeds; no ex...

5.4CVSS6.2AI score0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 12:0 a.m.7 views

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

6.2AI score0.00202EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 12:0 a.m.33 views

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

0.00202EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 12:0 a.m.9 views

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

5.4CVSS6.2AI score0.00202EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37629

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

5.4CVSS6.2AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.8 views

Juzaweb CMS 跨站脚本漏洞

Juzaweb CMS is a content management system developed by Juzaweb’s individual developers, based on the Laravel framework and web platform. Version 5.0.0 of Juzaweb CMS has a cross-site scripting vulnerability. This vulnerability stems from the Add Banner Ads feature, which contains cross-site...

5.4CVSS5.8AI score0.00202EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/05/04 11:41 a.m.13 views

Thousands of Facebook accounts stolen by phishing emails sent through Google

Researchers have uncovered a long-running phishing operation that abuses trusted Google services to hijack tens of thousands of Facebook accounts. The compromised Facebook accounts are mainly business and advertiser profiles, which criminals can monetize after gaining access and control. The...

5.7AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.8 views

VulnCheck KEV: CVE-2025-5339

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsaproid’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

7.5CVSS5.9AI score0.00327EPSS
In wildExploits0References2
NVD
NVD
added 2026/04/24 4:16 a.m.12 views

CVE-2026-5488

The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 9.1.2. This is due to missing capability checks in the getadsaccesstoken and resetexperience AJAX handlers. While the mi-admin-nonce is localized...

5.3CVSS0.00258EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/24 3:27 a.m.8 views

EUVD-2026-25393

The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 9.1.2. This is due to missing capability checks in the getadsaccesstoken and resetexperience AJAX handlers. While the mi-admin-nonce is localized...

5.3CVSS5.7AI score0.00258EPSS
Exploits0References8
CVE
CVE
added 2026/04/24 3:27 a.m.19 views

CVE-2026-5488

The CVE-2026-5488 issue affects the ExactMetrics – Google Analytics Dashboard for WordPress plugin (WordPress). It stems from missing capability checks in two AJAX handlers (get_ads_access_token() and reset_experience()), allowing authenticated users with subscriber-level access or higher to retr...

5.3CVSS5.7AI score0.00258EPSS
Exploits0References8
Rows per page
Query Builder