Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

588678 matches found

Vulnrichment
Vulnrichmentadded 2026/06/08 1:55 a.m.4 views

CVE-2024-58349 WordPress Theme Travelscape 1.0.3 Arbitrary File Upload

WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them...

9.8CVSS6.5AI score0.00674EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:55 a.m.7 views

CVE-2024-58349

WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them...

9.8CVSS6.5AI score0.00674EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/06/08 1:55 a.m.16 views

CVE-2024-58349

WordPress Theme Travelscape 1.0.3 is vulnerable to an arbitrary file upload due to insufficient validation in the theme’s upload functionality. This allows unauthenticated attackers to upload arbitrary files to the theme directory and execute them, enabling remote code execution on affected WordP...

9.8CVSS6.5AI score0.00674EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/08 1:55 a.m.41 views

CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS0.00767EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/08 1:55 a.m.9 views

EUVD-2024-55614

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/08 1:55 a.m.4 views

CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4
CVE
CVEadded 2026/06/08 1:55 a.m.22 views

CVE-2024-58348

Summary: CVE-2024-58348 affects the WordPress Background Image Cropper plugin, version 1.2. An unauthenticated attacker can reach the ups.php endpoint and upload arbitrary files (including PHP scripts), enabling remote code execution on the server. This is a network-accessible issue with low atta...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/08 1:55 a.m.43 views

CVE-2023-54352 WordPress Seotheme Remote Code Execution Unauthenticated

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...

9.8CVSS0.00613EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/08 1:55 a.m.7 views

EUVD-2023-60583

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...

9.8CVSS6.7AI score0.00613EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:55 a.m.4 views

CVE-2023-54352

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...

9.8CVSS6.7AI score0.00613EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 1:55 a.m.4 views

CVE-2023-54352 WordPress Seotheme Remote Code Execution Unauthenticated

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...

9.8CVSS6.7AI score0.00613EPSS
Exploits0References2
CVE
CVEadded 2026/06/08 1:55 a.m.15 views

CVE-2023-54352

The CVE-2023-54352 entry concerns WordPress Seotheme, where unauthenticated attackers can trigger remote code execution by uploading malicious files to the theme directory. The attack enables access to a PHP shell at /wp-content/themes/seotheme/mar.php to run system commands and upload additional...

9.8CVSS6.7AI score0.00613EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/08 1:55 a.m.12 views

EUVD-2023-60581

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...

8.7CVSS6.7AI score0.00532EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/08 1:55 a.m.5 views

CVE-2023-54350 WordPress Augmented-Reality Plugin Remote Code Execution Unauthenticated

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...

8.7CVSS6.7AI score0.00532EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/08 1:55 a.m.42 views

CVE-2023-54350 WordPress Augmented-Reality Plugin Remote Code Execution Unauthenticated

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...

8.7CVSS0.00532EPSS
Exploits0References2
CVE
CVEadded 2026/06/08 1:55 a.m.18 views

CVE-2023-54350

Affected software: WordPress Augmented-Reality plugin. Vulnerability: remote code execution via the elFinder connector. Access/Impact: unauthenticated attackers can upload and execute arbitrary PHP files on the server. How it exploits: POST to connector.minimal.php with mkfile and put commands to...

8.7CVSS6.7AI score0.00532EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:55 a.m.4 views

CVE-2023-54350

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...

8.7CVSS6.7AI score0.00532EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linuxadded 2026/06/08 1:52 a.m.14 views

Important: Red Hat Security Advisory: cockpit-image-builder security update

An update for cockpit-image-builder is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.01026EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/06/08 1:52 a.m.25 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS6.4AI score0.01026EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.4 views

Amazon Linux 2023 : cuda-compat-13-2 (ALAS2023NVIDIA-2026-296)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-296 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

8.8CVSS6.2AI score0.00226EPSS
Exploits0References24
Rows per page
Query Builder