Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

EUVD
EUVDadded 2025/11/01 3:30 a.m.3 views

EUVD-2025-37408

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

5.3CVSS4.7AI score0.00244EPSS
Exploits0References5
NVD
NVDadded 2025/11/01 2:15 a.m.4 views

CVE-2025-11816

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

5.3CVSS0.00244EPSS
Exploits0References4
CVE
CVEadded 2025/11/01 1:47 a.m.18 views

CVE-2025-11816

CVE-2025-11816 concerns the WP Legal Pages (Privacy Policy Generator, Terms & Conditions Generator) WordPress plugin. Wordfence reports that all versions up to and including 3.5.1 are vulnerable due to a missing capability check in disconnect_account_request(), enabling unauthenticated attackers ...

5.3CVSS4.8AI score0.00244EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/11/01 1:47 a.m.5 views

CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

5.3CVSS0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/11/01 12:0 a.m.2 views

PT-2025-44696

Name of the Vulnerable Software and Affected Versions WP Legal Pages versions prior to 3.5.2 Description The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages is susceptible to unauthorized data modification. This is due to a missing capability check within t...

5.3CVSS6.3AI score0.00244EPSS
Exploits0References11
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2021-12018

Malware in sbrugna...

5.4CVSS5.6AI score0.00591EPSS
Exploits2References2
RedhatCVE
RedhatCVEadded 2025/09/20 10:33 a.m.24 views

CVE-2025-8565

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

8.1CVSS5.3AI score0.00257EPSS
Exploits0References1
NVD
NVDadded 2025/09/18 10:15 a.m.44 views

CVE-2025-8565

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

8.1CVSS0.00257EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/18 9:31 a.m.44 views

CVE-2025-8565 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

8.1CVSS0.00257EPSS
Exploits0References2
CVE
CVEadded 2025/09/18 9:31 a.m.22 views

CVE-2025-8565

CVE-2025-8565 affects the WordPress plugin Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages. The vulnerability is a missing capability check in wplp_gdpr_install_plugin_ajax_handler() that exists in all versions up to and including 3.4.3. This allows authent...

8.1CVSS4.9AI score0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/18 9:31 a.m.3 views

CVE-2025-8565 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

8.1CVSS4.8AI score0.00257EPSS
Exploits0References2
NVD
NVDadded 2025/08/20 8:15 a.m.3 views

CVE-2025-49413

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...

7.1CVSS0.00233EPSS
Exploits0References1
CVE
CVEadded 2025/08/20 8:3 a.m.15 views

CVE-2025-49413

CVE-2025-49413 affects the WordPress plugin “Super Store Finder” (WP plugin by highwarden) versions up to and including 7.6. It is a reflected XSS caused by improper neutralization of input during web page generation. The CVSS 3.1 base vector indicates Network attack, no privileges required, user...

7.1CVSS5.9AI score0.00233EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/20 8:3 a.m.16 views

CVE-2025-49413 WordPress Super Store Finder Plugin <= 7.6 - Reflected Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...

7.1CVSS0.00233EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/08/20 12:0 a.m.5 views

PT-2025-33948 · Unknown · Wishloop Terms Of Service & Privacy Policy Generator

Name of the Vulnerable Software and Affected Versions: Wishloop Terms of Service & Privacy Policy Generator versions through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Stored Cross-site Scripting XSS. This allows for the...

5.9CVSS6AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 9:28 a.m.3 views

CVE-2024-12636

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.6. This is due to missing or incorrect nonce validation on the 'createpopupdeleteprocess' functio...

4.3CVSS6.4AI score0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/12/25 4:22 a.m.6 views

CVE-2024-12636 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request Forgery

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.6. This is due to missing or incorrect nonce validation on the 'createpopupdeleteprocess' functio...

4.3CVSS6.6AI score0.00164EPSS
Exploits0References2
OSV
OSVadded 2023/11/22 8:15 p.m.5 views

CVE-2023-47824

Cross-Site Request Forgery CSRF vulnerability in wpWax Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator plugin = 1.3.8 versions...

8.8CVSS7.3AI score0.00254EPSS
Exploits0References1
Patchstack
Patchstackadded 2023/07/19 12:0 a.m.6 views

WordPress WP AutoTerms: Privacy Policy Generator (GDPR & CCPA), Terms & Conditions Generator, Cookie Notice Banner Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software WP AutoTerms: Privacy Policy Generator GDPR & CCPA, Terms & Conditions Generator, Cookie Notice Banner Type Plugin Vulnerable versions = 1.8.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1...

5.8AI score0.00284EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linuxadded 2022/12/06 2:0 p.m.45 views

Low: Red Hat Security Advisory: RHACS 3.73 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS6.9AI score0.02676EPSS
Exploits2References4
Rows per page
Query Builder