6 matches found
PT-2022-19590 · WordPress · ShortPixel Adaptive Images
Name of the Vulnerable Software and Affected Versions: ShortPixel Adaptive Images plugin versions 3.3.1 and earlier
Description: The issue allows an attacker with a low user role, such as a subscriber or higher, to change the plugin settings.
Recommendations: For versions 3.3.1 and earlier, updat...
CVE-2021-24174
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged-in user perform unwanted actions, such as generating backups of the database, changing the plugin's settings and deleting backups...
NextScripts: Social Networks Auto-Poster < 4.3.18 - Insufficient Privilege Validation
The plugin gives access to several functions without proper authorisation checks, allowing low-privileged attackers to remove posts by corrupting the post type and other data, post arbitrary information to the site's social networks, and change the plugin settings...
WordPress YouTube Plugin Cross-Site Request Forgery Vulnerability
WordPress is a free and open source blogging software and content management system that uses PHP and MySQL as its platform. A cross-site request forgery vulnerability exists in the WordPress YouTube plugin version 11.8.1, which allows an unauthenticated attacker to change any setting in the plug...
WordPress Plugin Simple Sticky Footer Has Multiple Cross-Site Request Forgery Vulnerabilities
WordPress is a blogging platform developed in PHP; users can set up their own weblog on a server that supports PHP and a MySQL database. Simple Sticky Footer is a plugin that keeps a footer fixed to the bottom of the page. The WordPress plugin Simple Sticky Footer has multiple...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct cross-site scripting (XSS) attacks via...