Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

NVD
NVDadded 2023/05/20 3:15 a.m.9 views

CVE-2023-2715

The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitticket' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website's...

4.3CVSS4.3AI score0.0021EPSS
Exploits0References3
Prion
Prionadded 2023/05/20 3:15 a.m.11 views

Design/Logic Flaw

The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitticket' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website's...

4CVSS4.4AI score0.0021EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Stormadded 2022/02/25 12:0 a.m.320 views

WordPress Photoswipe Masonry Gallery 1.2.14 Cross Site Scripting

On November 11, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Photoswipe Masonry Gallery”, a WordPress plugin that is installed on over 10,000 sites. This flaw makes it possible for an authenticated attacker to injec...

0.00182EPSS
Exploits3
0day.today
0day.todayadded 2022/01/19 12:0 a.m.307 views

WordPress Email Template Designer – WP HTML Mail 3.0.9 Cross Site Scripting Vulnerability

WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability. Exploit makes it possible for unauthenticated attackers to achieve complete site takeover. On December 23, 2021 the Wordfence Threat Intelligence team initiated the...

8.3CVSS6.4AI score0.50799EPSS
Exploits3
Exploit DB
Exploit DBadded 2013/01/22 12:0 a.m.27 views

WordPress Plugin Developer Formatter - Cross-Site Request Forgery

==================================================================================================================== Exploit Title: Wordpress Developer Formatter CSRF Vulnerability Google Dork: inurl:devformatter/devformatter.php Date: 21/01/13 Author: Junaid Hussain - illSecure Research Group -...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2012/05/01 12:0 a.m.46 views

IA, CSRF and FPD vulnerabilities in Organizer for WordPress

Hello 3APA3A! I want to warn you about multiple new security vulnerabilities in plugin Organizer for WordPress. This is the third in series of advisories concerning vulnerabilities in this plugin. These are Insufficient Authorization, Cross-Site Request Forgery and Full path disclosure...

0.1AI score
Exploits0
Rows per page
Query Builder