Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/02/18 1:40 a.m.3 views

CVE-2025-12062

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the fcloadtemplate function. This makes it possible for authenticated attackers, with Subscriber-leve...

8.8CVSS6.4AI score0.00067EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/16 11:22 p.m.28 views

CVE-2025-12062 WP Maps <= 4.8.6 - Authenticated (Subscriber+) Limited Local File Inclusion

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the fcloadtemplate function. This makes it possible for authenticated attackers, with Subscriber-leve...

8.8CVSS0.00067EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/21 8:49 p.m.7 views

CVE-2005-2055

RealPlayer 8, 10, 10.5 6.0.12.1040-1069, and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers"...

5CVSS7AI score0.0034EPSS
Exploits0References1
CVE
CVEadded 2024/06/25 11:9 a.m.87 views

CVE-2024-6306

CVE-2024-6306 is a duplicate of CVE-2024-32111. Connected sources detail a Path Traversal vulnerability in WordPress core, describing improper pathname handling that allowed relative path traversal across multiple versions. The OSV/NVD entries specify affected versions up to WordPress 6.5.4 and i...

6.6AI score
Exploits0
Veracode
Veracodeadded 2022/07/14 5:40 p.m.22 views

Cross Site Scripting (XSS)

Prestashop is vulnerable to cross site scripting. The product catalog feature allows for an admin to upload arbitrary .html files with...

4.8CVSS5.6AI score0.00169EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/06/13 12:42 p.m.16 views

CVE-2022-1777 Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls

The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload...

8.7AI score0.00838EPSS
Exploits2References1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.11 views

Hummingbird Collaboration Application Cookie Internal Network Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and...

7.1AI score
Exploits0
Rows per page
Query Builder