Lucene search
+L

3677 matches found

Malwarebytes
Malwarebytes
added 2026/03/26 10:43 a.m.7 views

Landmark verdicts put Meta’s “addiction machine” platforms on trial

Meta faced two major legal setbacks this week as courts in New Mexico and California both found the company liable for harm to children. A New Mexico jury just ordered Meta to pay $375 million for misleading parents about child safety on Instagram and Facebook. Jurors found the company violated...

5.5AI score
Exploits0
NVD
NVD
added 2026/03/25 5:17 p.m.7 views

CVE-2026-32491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through = 13.9...

6.5CVSS0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.3 views

CVE-2026-32491 WordPress WP Review Slider plugin <= 13.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through = 13.9...

6.5CVSS5.8AI score0.00156EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:14 p.m.7 views

CVE-2026-32491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through = 13.9...

5.8AI score0.00156EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.9 views

PT-2026-28005

Name of the Vulnerable Software and Affected Versions WP Review Slider versions prior to 13.9 Description A flaw exists in jgwhite33 WP Review Slider wp-facebook-reviews that allows for Stored Cross-site Scripting XSS. This issue arises from improper handling of input during web page generation. ...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/23 6:41 a.m.35 views

CVE-2025-13997 King Addons for Elementor <= 51.1.49 - Unauthenticated API Keys Disclosure

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via...

5.3CVSS0.00219EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/23 6:41 a.m.2 views

CVE-2025-13997

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/23 6:41 a.m.3 views

CVE-2025-13997 King Addons for Elementor <= 51.1.49 - Unauthenticated API Keys Disclosure

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References2
CVE
CVE
added 2026/03/23 6:41 a.m.16 views

CVE-2025-13997

The CVE-2025-13997 entry concerns the King Addons for Elementor WordPress plugin. Affected: King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor. Root cause: unauthenticated API key disclosure caused by the plugin adding API keys to the HTML ...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.11 views

PT-2026-27061

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/03/17 7:14 p.m.131 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182RCEExploit REC Exploit is a Python-based secur...

10CVSS6AI score0.99562EPSS
Exploits376
NVD
NVD
added 2026/03/13 7:55 p.m.5 views

CVE-2026-32428

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.1 views

CVE-2026-32428

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.8AI score0.00224EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 10:54 a.m.6 views

Malicious code in project47 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/13 10:54 a.m.9 views

MAL-2026-1412 Malicious code in project47 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 10:41 a.m.8 views

Malicious code in nfd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 09861068d4a40cdebd80dae1ae4db85b45498bdb1f7f039cf44b33f41e68534f Facebook automation/hacking tool, with a part of its code obfuscated. Given that other packages from this uploader exfiltrate user's credentials, this is likel...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/13 10:41 a.m.11 views

MAL-2026-1411 Malicious code in nfd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 09861068d4a40cdebd80dae1ae4db85b45498bdb1f7f039cf44b33f41e68534f Facebook automation/hacking tool, with a part of its code obfuscated. Given that other packages from this uploader exfiltrate user's credentials, this is likel...

5.9AI score
Exploits0References1
CVE
CVE
added 2026/03/13 1:18 a.m.18 views

CVE-2026-22203

wpDiscuz before 7.6.47 has an information disclosure vulnerability: exporting plugin options as JSON can leak plaintext OAuth secrets (e.g., fbAppSecret, googleClientSecret, twitterAppSecret, and other social-login credentials) via support tickets, backups, or version control repositories. The CV...

6.9CVSS5.8AI score0.00274EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.12 views

PT-2026-25274

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2026/03/11 3:49 p.m.4 views

BIT-PARSE-2026-30863 Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 and 9.5.0, the Google, Apple, and Facebook authentication adapters use JWT verification to validate identity tokens. When the adapter's audience configuration option is...

9.8CVSS5.7AI score0.00525EPSS
Exploits0References2
Rows per page
Query Builder