Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/05/13 6:30 p.m.5 views

EUVD-2020-31214

Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. Attackers can extract payment form data and signatures from POST requests to the payment endpoint,...

9.8CVSS5.8AI score0.00024EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/06 3:27 a.m.26 views

CVE-2026-3208 Mercado Pago payments for WooCommerce <= 8.7.11 - Missing Authorization to Unauthenticated PIX Payment QR Code Image Disclosure

The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mppiximage' WooCommerce API endpoint in all versions up to, and including, 8.7.11. This makes it possible for unauthenticated attackers to retrieve...

5.3CVSS0.00017EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/04/07 11:1 p.m.3 views

CVE-2026-35448

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authentication. The endpoint was designed as an AJAX polling helper for the authenticated invoice.php page...

3.7CVSS5.9AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/21 6:33 a.m.5 views

CVE-2025-14977

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the /wp-json/dokan/v1/settings REST API endpoint due to missing validation on a...

8.1CVSS5.5AI score0.00045EPSS
Exploits0References1
NVD
NVDadded 2026/01/20 5:16 a.m.5 views

CVE-2025-14977

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the /wp-json/dokan/v1/settings REST API endpoint due to missing validation on a...

8.1CVSS0.00045EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/01/20 4:35 a.m.1 views

CVE-2025-14977

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the /wp-json/dokan/v1/settings REST API endpoint due to missing validation on a...

8.1CVSS5.4AI score0.00045EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/01/20 12:0 a.m.4 views

PT-2026-3536

Name of the Vulnerable Software and Affected Versions Dokan versions up to and including 4.2.4 Description The Dokan plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This flaw stems from a lack of validation on a user-controlled key within the...

8.1CVSS5.3AI score0.00045EPSS
Exploits0References9
Rows per page
Query Builder