Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-29038

Malware in sbrugna...

6.8CVSS6.6AI score0.00085EPSS
Exploits1References3
OSV
OSVadded 2025/07/02 4:15 a.m.5 views

CVE-2025-3848

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-25171. Reason: This candidate is a reservation duplicate of CVE-2025-25171. Notes: All CVE users should reference CVE-2025-25171 instead of this candidate. All references and descriptions in this candidate have been...

6.4AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/11 7:11 a.m.19 views

CVE-2025-3605

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the...

9.8CVSS7.3AI score0.12729EPSS
Exploits4References1
Vulnrichment
Vulnrichmentadded 2025/04/08 1:44 a.m.4 views

CVE-2025-2526 Streamit <= 4.0.2 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover

The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email in the 'stAuthenticationController::editprofile'...

8.8CVSS7.8AI score0.00418EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/02/05 10:44 p.m.8 views

CVE-2022-36073

RubyGems.org is the Ruby community gem host. A bug in password & email change confirmation code allowed an attacker to change their RubyGems.org account's email to an unowned email address. Having access to an account whose email has been changed could enable an attacker to save API keys for that...

8.8CVSS7.1AI score0.00452EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/05 1:44 a.m.3 views

CVE-2024-11281

The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0. This is due to insufficient validation on the 'loggedinuserid' value when option values are empty and the ability for attackers to change the email of arbitrary us...

9.8CVSS7.6AI score0.04168EPSS
Exploits0References1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability

No description provided by source. Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: = 1.4.2 ----- Exploit sb-callback lines 185-204: ------------- function ChangeEmail$aid, $email ...SNIP... $GLOBALS'db'-ExecuteUPDATE .DBPREFIX.admins...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2009/06/22 12:0 a.m.19 views

Sourcebans &lt;= 1.4.2 Arbitrary Change Admin Email Vulnerability

No description provided by source. Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: = 1.4.2 ----- Exploit sb-callback lines 185-204: ------------- function ChangeEmail$aid, $email ...SNIP... $GLOBALS'db'-Execute"UPDATE...

7.1AI score
Exploits0
Rows per page
Query Builder