Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-15663

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00732EPSS
Exploits2References1
OSV
OSVadded 2022/04/25 4:16 p.m.1 views

CVE-2022-0541

The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flocustomtableprefix cookie to an arbitrary value...

9.8CVSS5.8AI score
Exploits0References1
CVE
CVEadded 2022/04/25 3:50 p.m.70 views

CVE-2022-0541

The CVE-2022-0541 issue affects the flo-launch WordPress plugin prior to 2.4.1. The vulnerability arises when the plugin injects code into wp-config.php during clone-site creation, enabling an attacker to start a new WordPress installation by setting the flo_custom_table_prefix cookie. Impact is ...

9.8CVSS9.5AI score0.00732EPSS
Exploits2References1Affected Software1
CNNVD
CNNVDadded 2022/04/25 12:0 a.m.2 views

WordPress和WordPress plugin 安全漏洞

WordPress is a blogging platform developed using the PHP language. The WordPress plugin flo-launch version 2.4.1 or earlier is vulnerable to an access control error that originates when the plugin injects code into wp-config.php when creating a clone site. prefix cookie to an arbitrary value to...

9.8CVSS5.8AI score0.00732EPSS
Exploits2References3
Positive Technologies
Positive Technologiesadded 2022/04/25 12:0 a.m.2 views

PT-2022-13251 · WordPress · Flo-Launch

Name of the Vulnerable Software and Affected Versions: flo-launch WordPress plugin versions prior to 2.4.1 Description: The issue allows an attacker to initiate a new site install by setting the flo custom table prefix cookie to an arbitrary value. This is possible because the plugin injects code...

9.8CVSS9.4AI score0.00732EPSS
Exploits2References3
wpexploit
wpexploitadded 2022/03/29 12:0 a.m.91 views

Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover

The plugin injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flocustomtableprefix cookie to an arbitrary value. On any website where flo-launch is active create cookie "flocustomtableprefix" with any string value to...

9.8CVSS1.6AI score0.00732EPSS
Exploits2
Patchstack
Patchstackadded 2022/03/29 12:0 a.m.68 views

WordPress Flo Launch plugin <= 2.4 - Missing Authentication Allows Full Site Takeover vulnerability

Missing Authentication Allows Full Site Takeover vulnerability discovered by Daniel Ruf in WordPress Flo Launch plugin versions = 2.4. Solution Update the WordPress Flo Launch plugin to the latest available version at least 2.4.1...

9.8CVSS4AI score0.00732EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDBadded 2022/03/29 12:0 a.m.19 views

Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover

The plugin injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flocustomtableprefix cookie to an arbitrary value. PoC On any website where flo-launch is active create cookie "flocustomtableprefix" with any string value t...

9.8CVSS3.7AI score0.00732EPSS
Exploits2Affected Software1
Rows per page
Query Builder