10 matches found

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-42991

Malicious code in bioql PyPI...

4.8 CVSS, 5.2 AI score, 0.00218 EPSS
Exploits 2, References 1

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-42992

Malicious code in bioql PyPI...

6.5 CVSS, 6.5 AI score, 0.00194 EPSS
Exploits 2, References 1

RedhatCVE
added 2025/05/22 10:7 p.m., 4 views

CVE-2022-3632

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions...

6.5 CVSS, 6.8 AI score, 0.00194 EPSS
Exploits 2

Patchstack
added 2022/11/15 12:0 a.m., 16 views

WordPress OAuth Client by DigitialPixies plugin <= 1.1.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability discovered by Lana Codes in WordPress OAuth Client by DigitialPixies plugin (versions <= 1.1.0). Solution: No patched version is available. This plugin has been closed as of October 21, 2022 and is not available for download. This closure is temporary,...

6.5 CVSS, 3.8 AI score, 0.00194 EPSS
Exploits 2, References 1, Affected Software 1

Prion
added 2022/11/14 3:15 p.m., 13 views

Cross site scripting

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite...

4.3 CVSS, 4.8 AI score, 0.00218 EPSS
Exploits 2, References 1, Affected Software 1

CVE
added 2022/11/14 12:0 a.m., 61 views

CVE-2022-3632

CVE-2022-3632 affects the WordPress plugin OAuth Client by DigitialPixies (versions prior to 1.1.1). The issue is a CSRF vulnerability due to missing CSRF checks in certain locations, enabling an attacker to cause logged-in users to perform unwanted actions. Affected component: OAuth Client plugi...

6.5 CVSS, 6.4 AI score, 0.00194 EPSS
Exploits 2, References 1, Affected Software 1

Vulnrichment
added 2022/11/14 12:0 a.m., 4 views

CVE-2022-3632 OAuth Client by DigitialPixies <= 1.1.0 - CSRF

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions...

7.1 AI score, 0.00194 EPSS
Exploits 2, References 1

Vulnrichment
added 2022/11/14 12:0 a.m., 5 views

CVE-2022-3631 OAuth Client by DigitialPixies <= 1.1.0 - Admin+ Stored Cross-Site Scripting

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite...

5.8 AI score, 0.00218 EPSS
Exploits 2, References 1

CVE
added 2022/11/14 12:0 a.m., 59 views

CVE-2022-3631

CVE-2022-3631 affects the WordPress plugin OAuth Client by DigitialPixies (versions

4.8 CVSS, 4.8 AI score, 0.00218 EPSS
Exploits 2, References 1, Affected Software 1

wpexploit
added 2022/10/21 12:0 a.m., 91 views

OAuth Client by DigitialPixies <= 1.1.0 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions. Make a logged-in user visit a page with the following code: fetch('https://example.com/wp-admin/admin-ajax.php', { method: 'POST', headers: new Headers({ 'Content-Type':...

6.5 CVSS, 1.9 AI score, 0.00194 EPSS
Exploits 2