Lucene search
K

1489498 matches found

NVD
NVD
added 15 minutes ago1 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS
Exploits0References6
Cvelist
Cvelist
added 59 minutes ago2 views

CVE-2026-12918 Mail Mint <= 1.24.1 - Authenticated (Administrator+) SQL Injection via 'recipients' Parameter

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS
Exploits0References6
CVE
CVE
added 59 minutes ago4 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6.1AI score
Exploits0References6
NVD
NVD
added 1 hour ago3 views

CVE-2026-12924

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'etnfaqcontent' parameter in all versions up to, and including, 4.1.15 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS
Exploits0References8
GithubExploit
GithubExploit
added 1 hour ago4 views

Exploit for Deserialization of Untrusted Data in Apache Camel

camel-jms JMS ObjectMessage Unsafe Deserialization Reproducer...

9.8CVSS6.2AI score0.00881EPSS
Exploits1
The Hacker News
The Hacker News
added 1 hour ago3 views

Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom , and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out a...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 1 hour ago7 views

Exploit for Deserialization of Untrusted Data in Apache Camel

camel-netty-http / camel-vertx-http HTTP-Response Unsafe Deser...

8.1CVSS6.2AI score0.00724EPSS
Exploits1
GithubExploit
GithubExploit
added 2 hours ago9 views

Exploit for Improper Access Control in Ollyo Helix3

Исследование уязвимости CVE-2026-49049: Unauthenticated Arbitr...

7.5CVSS6.1AI score0.00228EPSS
Exploits3
F5 Networks
F5 Networks
added 2 hours ago2 views

K000162183: Spring web services vulnerability CVE-2026-40996

Security Advisory Description Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's safer default for validation RequestData. Inbound WS-Security decryption could therefore accept RSA PKCS1 v1.5 rsa-15 encrypted key material unless operators...

4.8CVSS6.1AI score0.00129EPSS
Exploits0
GithubExploit
GithubExploit
added 2 hours ago7 views

Exploit for Out-of-bounds Write in Mediatek Software_Development_Kit

CVE-2025-20720 — PolyShell: Magento 2 Unauthenticated File Uploa...

8.8CVSS6.5AI score0.00237EPSS
Exploits1
Cvelist
Cvelist
added 2 hours ago3 views

CVE-2026-12924 Eventin <= 4.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'etn_faq_content' Parameter

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'etnfaqcontent' parameter in all versions up to, and including, 4.1.15 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS
Exploits0References8
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-42843

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'etnfaqcontent' parameter in all versions up to, and including, 4.1.15 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.2AI score
Exploits0References8
CVE
CVE
added 2 hours ago2 views

CVE-2026-12924

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'etnfaqcontent' parameter in all versions up to, and including, 4.1.15 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.2AI score
Exploits0References8
GithubExploit
GithubExploit
added 2 hours ago10 views

Exploit for CVE-2024-51482

CVE-2024-51482 — ZoneMinder Time-Based Blind SQL Injection A...

9.9CVSS6.2AI score0.36899EPSS
Exploits9
GithubExploit
GithubExploit
added 2 hours ago8 views

Exploit for Deserialization of Untrusted Data in Apache Camel

camel-infinispan Remote Aggregation Repository Unsafe Deserial...

8.8CVSS6.3AI score0.00711EPSS
Exploits2
Patchstack
Patchstack
added 4 hours ago3 views

WordPress WP Hotel Booking plugin <= 2.3.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 1M4 in WordPress Plugin WP Hotel Booking versions = 2.3.1...

6.1CVSS5.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 4 hours ago5 views

WordPress Hide My WP Lite plugin <= 1.3 - Unauthenticated Path Traversal to Arbitrary File Read vulnerability

Unauthenticated Path Traversal to Arbitrary File Read vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Hide My WP Lite versions = 1.3...

7.5CVSS5.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 4 hours ago6 views

WordPress UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin <= 1.2.65 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin UsersWP versions = 1.2.65...

8.8CVSS5.9AI score
Exploits0References1Affected Software1
Rockylinux
Rockylinux
added 4 hours ago4 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS7AI score0.15831EPSS
Exploits6
NCSC
NCSC
added 4 hours ago2 views

Vulnerabilities managed in GitLab Enterprise Edition and Community Edition

GitLab has identified several vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE versions ranging from 9.1 to 18.11.7, 19.0 to 19.0.4, and 19.1 to 19.1.2. The vulnerabilities include: - Creating repositories with discrepancies between the web interface and the actual...

8.7CVSS6.1AI score0.00348EPSS
Exploits0References1
Rows per page
Query Builder