Lucene search
K

185 matches found

Nuclei
Nuclei
added yesterday41 views

Jordy Meow AI Engine - Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine- ChatGPT Chatbot.This issue affects AI Engine- ChatGPT Chatbot- from n/a through 1.9.98. id: CVE-2023-51409 info: name: Jordy Meow AI Engine - Unrestricted File Upload author: pussycat0x severity: critical...

10CVSS7.3AI score0.65046EPSS
Exploits4References4
NVD
NVD
added 2026/06/13 10:16 a.m.12 views

CVE-2026-1291

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...

4.3CVSS0.00214EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/13 8:29 a.m.15 views

EUVD-2026-36649

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/13 8:29 a.m.7 views

CVE-2026-1291 Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/13 8:29 a.m.31 views

CVE-2026-1291 Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...

4.3CVSS0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/13 8:29 a.m.23 views

CVE-2026-1291

CVE-2026-1291 concerns the Meow Gallery WordPress plugin. A missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/save_shortcode allows authenticated users with Author-level access or higher to arbitrarily create or overwrite gallery shortcode records by supplying a user-cont...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.22 views

PT-2026-49090

Name of the Vulnerable Software and Affected Versions Meow Gallery versions prior to 5.4.5 Description The Meow Gallery plugin for WordPress allows unauthorized modification of data because of a missing capability check on the REST API endpoint "/wp-json/meow-gallery/v1/save shortcode"...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References11
Patchstack
Patchstack
added 2026/06/12 7:54 p.m.6 views

WordPress Meow Gallery plugin <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation vulnerability

Missing Authorization to Authenticated Author+ Shortcode creation vulnerability discovered by Chawabhon Netisingha JNX03 in WordPress Plugin Meow Gallery versions = 5.4.4...

4.3CVSS5.2AI score0.00214EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/01 9:16 a.m.10 views

WordPress Role Based Pricing for Woo by Meow Crew plugin <= 1.6.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin WooCommerce Role Based Pricing by Meow Crew versions = 1.6.0...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.3 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.2 views

EUVD-2026-20172

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

5.9AI score0.00165EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

5.9AI score0.00165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31135

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

5.9AI score0.00165EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 5:2 p.m.6 views

CVE-2026-32524

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

9.1CVSS5.8AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.6 views

CVE-2026-32418

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

7.6CVSS5.9AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.6 views

EUVD-2026-15888

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

5.8AI score0.00332EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.4 views

CVE-2026-32524

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

9.1CVSS0.00332EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-28038

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

5.8AI score0.00332EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/18 12:14 a.m.9 views

Malicious Package

Overview @0xengine/meow is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Rows per page
Query Builder