6 matches found
CVE-2026-33529 Zoraxy: Authenticated Path Traversal in Config Import leads to RCE
Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a...
PT-2026-28166
Name of the Vulnerable Software and Affected Versions: Zoraxy versions prior to 3.3.2. Description: Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A path traversal vulnerability exists in the configuration import endpoint /api/conf/import when handling zip file entries. An...
Pollenisator - Collaborative Pentest Tool With Highly Customizable Tools
Pollenisator is a tool aiming to assist pentesters and auditors in automating the use of some tools/scripts and keeping track of them. Written in Python 3. Provides a modelisation of "pentest objects": Scope, Hosts, Ports, Commands, Tools etc. Tools/scripts are separated into 4 categories: wave,...
Stripo Inc: No rate limiting - Create Plug-ins
Hello team Stripo, how are you? I found a rate limit for data creation. Target = https://my.stripo.email/cabinet//plugins/293814 Request to Post: POST /cabinet/stripeapi/v1/plugin/293814/plugins HTTP/1.1 Host: my.stripo.email User-Agent: Mozilla/5.0 X11; Linux x8664; rv:78.0 Gecko/20100101...
OWASP Offensive Web Testing Framework: OWTF
The purpose of this tool is to automate the manual and uncreative parts of pen testing. For example, figuring out how to call “tool X”, then parsing the results of “tool X” manually to feed “tool Y”, and so on, is time-consuming. OWASP OWTF is a project focused on penetration testing efficiency and...
Ninja PingU - High performance network scanner tool for large scale analyses
NINJA-PingU (Is Not Just a Ping Utility) is a free open-source high-performance network scanner tool for large scale analyses. It has been designed with performance as its primary goal and developed as a framework to allow easy plugin creation. NINJA PingU comes out of the box with a set of plugins...