Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2 days ago4 views

CVE-2026-1673

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobedeletetaxterm function. This makes it possible...

4.3CVSS5.4AI score0.00014EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/22 7:45 a.m.0 views

CVE-2026-4128

The TP Restore Categories And Taxonomies plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. The deleteterm function, which handles the 'tpmcatttdeleteterm' AJAX action, does not perform any capability check e.g., currentusercan to verify the...

4.3CVSS5.8AI score0.00009EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/12/04 3:36 p.m.2 views

CVE-2025-13354

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

4.3CVSS6AI score0.00036EPSS
Exploits0References1
OSV
OSVadded 2025/12/03 2:15 p.m.1 views

CVE-2025-13354

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

4.3CVSS5.9AI score
Exploits0References2
EUVD
EUVDadded 2025/12/03 1:52 p.m.3 views

EUVD-2025-200971

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

4.3CVSS5.5AI score0.00036EPSS
Exploits0References3
OSV
OSVadded 2024/12/03 9:15 a.m.0 views

CVE-2024-11844

The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS5.8AI score
Exploits0References3
OSV
OSVadded 2021/09/22 5:9 p.m.2 views

DRUPAL-CONTRIB-2021-035

This module provides a powerful interface for managing a taxonomy vocabulary. A vocabulary gets displayed in a dynamic tree view, where parent terms can be expanded to list their nested child terms or can be collapsed. The module does not take the correct user permissions into account, allowing a...

6.7AI score
Exploits0References1
Drupal
Drupaladded 2021/09/22 12:0 a.m.3 views

Taxonomy Manager - Moderately critical - Access bypass - SA-CONTRIB-2021-035

This module provides a powerful interface for managing a taxonomy vocabulary. A vocabulary gets displayed in a dynamic tree view, where parent terms can be expanded to list their nested child terms or can be collapsed. The module does not take the correct user permissions into account, allowing a...

5.6AI score
Exploits0References7
Rows per page
Query Builder