Lucene search
K

10 matches found

Packet Storm
Packet Storm
added 2026/02/06 12:0 a.m.204 views

📄 WordPress SureTriggers 1.0.78 Authentication Bypass

WordPress SureTriggers plugin versions 1.0.78 and below expose an unauthenticated REST endpoint that allows construction of a user creation payload. This proof of concept demonstrates structure and logic only. No admin account is created, no plugin uploaded...

8.1CVSS5.3AI score0.76126EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/04/20 1:59 p.m.223 views

Exploit for CVE-2025-3102

CVE-2025-3102 🛠️ SureTriggers Exploit Script Script ini diguna...

8.1CVSS7.2AI score0.76126EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/04/14 10:20 a.m.214 views

Exploit for CVE-2025-3102

🔐 CVE-2025-3102 – Authentication Bypass in SureTriggers WordPr...

8.1CVSS7.7AI score0.76126EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/04/12 4:22 a.m.178 views

Exploit for CVE-2025-3102

Vanda CVE-2025-3102 💣 Exploit com interface gráfica para a vuln...

8.1CVSS8.3AI score0.76126EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/04/12 4:22 a.m.480 views

Exploit for CVE-2025-3102

Vanda CVE-2025-3102 💣 Exploit com interface gráfica para a vuln...

8.1CVSS8.3AI score0.76126EPSS
Exploits8
The Hacker News
The Hacker News
added 2025/04/11 4:58 a.m.40 views

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

A newly disclosed high-severity security flaw impacting OttoKit formerly SureTriggers has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 CVSS score: 8.1, is an authorization bypass bug that could permit an attacker to create...

8.1CVSS8.2AI score0.76126EPSS
Exploits8
Circl
Circl
added 2025/04/10 4:49 a.m.92 views

CVE-2025-3102

creationtimestamp| type| source ---|---|--- 2025-04-10 04:49:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11192 2025-04-10 07:30:19+00:00| seen| Telegram/TrTtZDlxpbFpk8M-zmc8aWcsEx5X5eIera1FkEN864Om4qg 2025-04-10 07:48:31+00:00| seen|...

8.1CVSS7.5AI score0.76126EPSS
In wildExploits8References47
Vulnrichment
Vulnrichment
added 2025/04/10 4:22 a.m.16 views

CVE-2025-3102 SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation

The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...

8.1CVSS8.2AI score0.76126EPSS
Exploits8References3
CVE
CVE
added 2025/04/10 4:22 a.m.303 views

CVE-2025-3102

CVE-2025-3102 — SureTriggers WordPress plugin (≤ 1.0.78) vulnerable to authentication bypass that allows unauthenticated creation of administrator accounts via the plugin’s REST API when the API key is not configured. Evidence across sources shows a missing empty value check on the secret_key in ...

8.1CVSS8.2AI score0.76126EPSS
In wildExploits8References3
Patchstack
Patchstack
added 2025/04/09 5:21 p.m.14 views

WordPress SureTriggers plugin <= 1.0.78 - Authorization Bypass vulnerability

Authorization Bypass vulnerability discovered by mikemyers in WordPress Plugin OttoKit versions = 1.0.78...

8.1CVSS8.7AI score0.76126EPSS
Exploits8References1Affected Software1
Rows per page
Query Builder