CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Circl•added 2026/04/03 5:26 p.m.•0 views

GHSA-7R9J-R86Q-7G45

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:40+00:00| published-proof-of-concept| Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0 2026-04-04 02:48:17+00:00| seen| https://bsky.app/profile/cyber-news-fi.bsky.social/post/3min7vlzl2s2s...

4.8AI score

RedhatCVE•added 2026/03/08 7:56 a.m.•1 views

CVE-2026-1087

The Guardian News Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the plugin's settings,...

EUVD•added 2026/03/07 9:30 a.m.•2 views

EUVD-2026-10128

NVD•added 2026/03/07 8:16 a.m.•1 views

Exploits0References4

CVE-2026-1087

4.3CVSS0.00016EPSS

Cvelist•added 2026/03/07 7:22 a.m.•21 views

CVE-2026-1087 The Guardian News Feed <= 1.2 - Cross-Site Request Forgery to Settings Update

4.3CVSS0.00016EPSS

CVE•added 2026/03/07 7:22 a.m.•4 views

CVE-2026-1087

The Guardian News Feed plugin for WordPress is affected by CVE-2026-1087. All versions up to and including 1.2 are vulnerable to Cross-Site Request Forgery caused by missing nonce validation on the settings update function. This allows unauthenticated or tricked attackers to modify the plugin’s s...

Vulnrichment•added 2026/03/07 7:22 a.m.•0 views

CVE-2026-1087 The Guardian News Feed <= 1.2 - Cross-Site Request Forgery to Settings Update

Patchstack•added 2026/03/07 2:5 a.m.•3 views

WordPress The Guardian News Feed plugin <= 1.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin The Guardian News Feed versions = 1.2...

4.3CVSS5.8AI score0.00016EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/03/07 12:0 a.m.•2 views

WordPress plugin Guardian News Feed 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00016EPSS

Exploits0References4

ATTACKERKB•added 2026/02/28 9:47 p.m.•2 views

CVE-2026-28559

wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that...

6.9CVSS5.9AI score0.00069EPSS

Exploits0References4Affected Software1

Circl•added 2026/02/28 3:31 a.m.•3 views

CVE-2026-22717

creationtimestamp| type| source ---|---|--- 2026-02-28 03:31:16+00:00| seen| https://bsky.app/profile/cyber-news-fi.bsky.social/post/3mfvbybg7ae2c...

2.7CVSS5.9AI score0.0001EPSS

Circl•added 2026/01/31 3:27 a.m.•2 views

CVE-2024-4027

creationtimestamp| type| source ---|---|--- 2026-01-31 03:27:17+00:00| seen| https://bsky.app/profile/cyber-news-fi.bsky.social/post/3mdoupdsatc2a...

7.5CVSS5.8AI score0.00381EPSS

RedhatCVE•added 2026/01/09 8:46 a.m.•3 views

CVE-2025-23464

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keir Whitaker Twitter News Feed twitter-news-feed allows Reflected XSS.This issue affects Twitter News Feed: from n/a through = 1.1.1...

7.1CVSS5.9AI score0.00232EPSS