Lucene search
+L

5 matches found

CVE
CVE
added last week8 views

CVE-2026-1667

The CVE concerns the SEO Plugin by Squirrly SEO for WordPress (up to version 14.0.0) with a vulnerability in savePost() that allows unauthenticated users to create arbitrary posts and, if Advanced Custom Fields is installed, to inject stored XSS scripts. Root cause is a leak of an API token and i...

7.2CVSS6.2AI score0.00186EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/16 11:34 p.m.8 views

NPM: n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host

NPM: n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...

7.7CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.11 views

CVE-2024-48951

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery SSRF on SOAR can be used to leak Logpoint's API Token leading to authentication bypass...

7.5CVSS7.1AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/11/07 5:15 p.m.8 views

CVE-2024-48951

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery SSRF on SOAR can be used to leak Logpoint's API Token leading to authentication bypass...

7.5CVSS5.8AI score0.00312EPSS
Exploits0References3
Hacker One
Hacker One
added 2024/09/24 7:34 a.m.10 views

Mozilla: User API Key leakage in Github commit leads to unauthorized access to sql.telemetry.mozilla.org

A Mozilla employee's API token for https://sql.telemetry.mozilla.org was leaked in one of the Github repos. The token provided access to the service dashboard which contained confidential data. The API token was rotated and removed from the service...

7.1AI score
Exploits0
Rows per page
Query Builder