Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6191 matches found

Circl
Circladded 2025/11/24 6:40 p.m.2 views

CVE-2025-13466

creationtimestamp| type| source ---|---|--- 2025-11-24 18:40:14+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6fhz63cvk2n 2025-11-24 18:44:17+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6fiagi6fc2n...

6.9CVSS5.8AI score0.00329EPSS
Exploits0References2
Circl
Circladded 2025/11/22 9:2 a.m.4 views

CVE-2025-13384

creationtimestamp| type| source ---|---|--- 2025-11-22 09:02:58+00:00| seen| https://infosec.exchange/users/offseq/statuses/115592539421607125 2025-11-22 09:02:59+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m67gvblmzx27 2025-11-22 09:44:18+00:00| seen|...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References3
Circl
Circladded 2025/11/22 12:33 a.m.6 views

CVE-2025-64720

creationtimestamp| type| source ---|---|--- 2025-11-22 00:33:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/204 2025-11-22 01:59:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m66p54ip7t2h 2025-11-22 02:34:48+00:00| seen|...

7.1CVSS6.4AI score0.00264EPSS
Exploits4References17
Circl
Circladded 2025/11/22 12:33 a.m.3 views

CVE-2025-64505

creationtimestamp| type| source ---|---|--- 2025-11-22 00:33:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/204 2025-11-22 01:59:05+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m66p54ip7t2h 2025-11-22 02:34:48+00:00| seen|...

6.1CVSS6.2AI score0.00181EPSS
Exploits2References16
Circl
Circladded 2025/11/21 7:8 a.m.4 views

CVE-2025-64695

creationtimestamp| type| source ---|---|--- 2025-11-21 07:08:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m64pyg63n62x 2025-11-21 07:32:50+00:00| seen| https://infosec.exchange/users/offseq/statuses/115586522750052262 2025-11-21 07:32:52+00:00| seen|...

8.4CVSS5.8AI score0.00134EPSS
Exploits0References3
Circl
Circladded 2025/11/21 3:3 a.m.3 views

CVE-2025-64310

creationtimestamp| type| source ---|---|--- 2025-11-21 03:03:09+00:00| seen| https://infosec.exchange/users/offseq/statuses/115585462301435855 2025-11-21 03:03:11+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m64cbiaajw2l 2025-11-21 03:26:50+00:00| seen|...

9.8CVSS9.1AI score0.00397EPSS
Exploits0References5
Circl
Circladded 2025/11/20 10:41 p.m.4 views

CVE-2025-49752

creationtimestamp| type| source ---|---|--- 2025-11-20 22:41:55+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115584435147386291 2025-11-20 23:40:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m63wvrieng2u 2025-11-20 23:45:08+00:00| seen|...

10CVSS5.1AI score0.00898EPSS
Exploits2References13
CNVD
CNVDadded 2025/11/20 12:0 a.m.3 views

WordPress Like-it plugin cross-site request forgery vulnerability

WordPress Like-it plugin is an extension to add like-it functionality to WordPress blogs, allowing users to perform like-it operations on posts or comments. The WordPress Like-it plugin suffers from a cross-site request forgery vulnerability, which arises from a web application that does not...

6.1CVSS6.8AI score0.00124EPSS
Exploits0References1
Circl
Circladded 2025/11/19 9:59 p.m.3 views

CVE-2023-41347

creationtimestamp| type| source ---|---|--- 2025-11-19 21:59:29+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115578606002979278 2025-11-19 22:00:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115578608301178805 2025-11-20 21:02:47+00:00| seen|...

8.8CVSS8.5AI score0.01288EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/11/19 10:23 a.m.5 views

CVE-2025-12481

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated...

4.3CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/11/19 7:26 a.m.2 views

CVE-2025-12524

The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...

5.4CVSS5.7AI score0.0025EPSS
Exploits0References1
OSV
OSVadded 2025/11/18 3:34 p.m.3 views

GO-2025-4129 Mattermost allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL in github.com/mattermost/mattermost-server

Mattermost allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL in github.com/mattermost/mattermost-server...

5.4CVSS6.8AI score0.0016EPSS
Exploits0References8
EUVD
EUVDadded 2025/11/18 12:30 p.m.4 views

EUVD-2025-197964

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated...

4.3CVSS5.2AI score0.00207EPSS
Exploits0References5
NVD
NVDadded 2025/11/18 10:15 a.m.3 views

CVE-2025-12481

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated...

4.3CVSS0.00207EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/11/18 9:27 a.m.4 views

CVE-2025-12481 WP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated...

4.3CVSS5.2AI score0.00207EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/11/18 9:27 a.m.10 views

CVE-2025-12481 WP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated...

4.3CVSS0.00207EPSS
Exploits0References4
CVE
CVEadded 2025/11/18 9:27 a.m.6 views

CVE-2025-12481

The vulnerability CVE-2025-12481 affects the WP Duplicate Page plugin for WordPress (versions up to 1.7). Root cause: Missing authorization checks in saveSettings allow authenticated users with Contributor+ privileges to modify plugin settings that control capabilities, enabling them to duplicate...

4.3CVSS5.2AI score0.00207EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/11/18 9:27 a.m.7 views

CVE-2025-11734 Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links <= 1.2.5 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Trashing

The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization in all versions up to, and including, 1.2.5. This is due to the plugin registering a REST API endpoint that only...

5.4CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/11/18 6:43 a.m.3 views

CVE-2025-12524 Post Type Switcher <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change

The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...

5.4CVSS5.3AI score0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/11/18 12:0 a.m.4 views

PT-2025-47281

Name of the Vulnerable Software and Affected Versions WP Duplicate Page plugin versions prior to 1.8 Description The WP Duplicate Page plugin for WordPress is affected by a missing authorization issue. The plugin does not properly verify user authorization to perform actions within the saveSettin...

4.3CVSS5.9AI score0.00207EPSS
Exploits0References7
Rows per page
Query Builder