Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

81 matches found

NVD
NVDadded yesterday7 views

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded yesterday4 views

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score
Exploits0References2
EUVD
EUVDadded yesterday2 views

EUVD-2026-33948

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded yesterday5 views

PT-2026-45779

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

7.5CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologiesadded 2 days ago9 views

PT-2026-45465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...

7.1CVSS5.8AI score0.00033EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/01/09 3:55 a.m.3 views

WordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin The Events Calendar versions = 6.15.12.2...

5.4CVSS6.8AI score0.00069EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/10/31 3:25 a.m.4 views

WordPress The Events Calendar plugin <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Draft Event Title/QR Code Exposure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin The Events Calendar versions = 6.15.9...

4.3CVSS6.9AI score0.00036EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-36426

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00238EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-24228

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00063EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2023-27759

Malicious code in bioql PyPI...

5.4CVSS9AI score0.00179EPSS
Exploits0References1
Snyk
Snykadded 2025/09/11 3:35 a.m.0 views

Malicious Package

Overview @liquid-web/core-services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.2 views

Malicious code in @liquid-web/mileage (npm)

The package @liquid-web/mileage was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8574d7642f0f1a5d62c5aec640322437ffa389e114e7cdbcf7834417d9bdab8b Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References3
Snyk
Snykadded 2025/09/11 3:35 a.m.1 views

Malicious Package

Overview @liquid-web/mileage is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSVadded 2025/09/11 3:35 a.m.1 views

MAL-2025-47037 Malicious code in @liquid-web/mileage (npm)

The package @liquid-web/mileage was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8574d7642f0f1a5d62c5aec640322437ffa389e114e7cdbcf7834417d9bdab8b Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References3
Snyk
Snykadded 2025/09/11 3:35 a.m.1 views

Malicious Package

Overview @liquid-web/utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSVadded 2025/09/11 3:35 a.m.1 views

MAL-2025-47032 Malicious code in @liquid-web/app-services (npm)

The package @liquid-web/app-services was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2360336c035ddfac0df30665d2e803482a726fbf6c47738903b8d3b7eb6c248 Any computer that has this package installed or running should be considered...

6.9AI score
Exploits0References4
Snyk
Snykadded 2025/09/11 3:35 a.m.2 views

Malicious Package

Overview @liquid-web/external-cards is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.2 views

Malicious code in @liquid-web/utils (npm)

The package @liquid-web/utils was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02e29a386f30eacfd4a3e7023262f0bb759557fb0a41790632720ff54b920a8d Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.2 views

Malicious code in @liquid-web/interceptors (npm)

The package @liquid-web/interceptors was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab7a1c47c538682d6263db28f68b16539bd0b759d77d715766652c07ad79c1b4 Any computer that has this package installed or running should be considered...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/09/11 3:35 a.m.2 views

Malicious code in @liquid-web/app-services (npm)

The package @liquid-web/app-services was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2360336c035ddfac0df30665d2e803482a726fbf6c47738903b8d3b7eb6c248 Any computer that has this package installed or running should be considered...

6.9AI score
Exploits0References4
Rows per page
Query Builder