6232 matches found

Positive Technologies
added 2024/02/12 12:0 a.m. · 6 views

PT-2024-15410 · WordPress · Eazydocs

Name of the Vulnerable Software and Affected Versions: EazyDocs WordPress plugin versions prior to 2.4.0
Description: The issue allows any authenticated user to delete arbitrary posts, as well as add and delete documents/sections. The problem was partially fixed in version 2.3.9.
Recommendations...

CVSS 4.3 · AI score 6.6 · EPSS 0.00424
Exploits: 2 · References: 6

Positive Technologies
added 2024/02/12 12:0 a.m. · 11 views

PT-2024-15544 · WordPress · Mappress Maps

Name of the Vulnerable Software and Affected Versions: MapPress Maps for WordPress versions prior to 2.88.16
Description: The issue affects the MapPress Maps for WordPress plugin, allowing unauthenticated users to read arbitrary private and draft posts due to an Insecure Direct Object Reference...

CVSS 5.3 · AI score 7.4 · EPSS 0.00568
Exploits: 2 · References: 7

CNNVD
added 2024/02/12 12:0 a.m. · 9 views

WordPress Plugin MapPress Maps Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability previously existed...

CVSS 5.3 · AI score 6.7 · EPSS 0.00568
Exploits: 2 · References: 2

CNNVD
added 2024/02/12 12:0 a.m. · 4 views

WordPress Plugin EazyDocs Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. The WordPress Plugin EazyDocs versi...

CVSS 4.3 · AI score 6.8 · EPSS 0.00424
Exploits: 2 · References: 2

Circl
added 2024/02/10 10:11 a.m. · 16 views

CVE-2024-20953

creationtimestamp | type | source
---|---|---
2024-02-10 10:11:49+00:00 | seen | https://t.me/ctinow/182506
2025-02-24 18:10:03+00:00 | seen | MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123
2025-02-24 18:26:41+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/5199
2025-02-24 18:53:21+00:00 | seen | ...

CVSS 8.8 · AI score 7.5 · EPSS 0.03405
Exploits: 0 · References: 28

OSV
added 2024/02/10 7:15 a.m. · 2 views

CVE-2024-0596

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editorhtml function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with...

CVSS 5.3 · AI score 7.3 · EPSS 0.004
Exploits: 0 · References: 2

Prion
added 2024/02/05 10:16 p.m. · 14 views

Design/Logic Flaw

The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveview' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated...

CVSS 4 · AI score 6.7 · EPSS 0.00428
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2024/02/05 9:21 p.m. · 91 views

CVE-2024-0790

CVE-2024-0790 (WOLF – WordPress Posts Bulk Editor and Manager Professional) is a CSRF vulnerability in the WordPress plugin, affecting versions up to 1.0.8.1. The issue stems from missing or incorrect nonce validation on functions wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_te...

CVSS 5.4 · AI score 5.2 · EPSS 0.00312
Exploits: 0 · References: 3 · Affected Software: 1

CNNVD
added 2024/02/05 12:0 a.m. · 4 views

WordPress plugin Author Box, Guest Author and Co-Authors for Your Posts security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...

CVSS 7.5 · AI score 6.5 · EPSS 0.00656
Exploits: 0 · References: 3

Positive Technologies
added 2024/02/05 12:0 a.m. · 6 views

PT-2024-15006 · WordPress · The Events Calendar

Name of the Vulnerable Software and Affected Versions: The Events Calendar plugin for WordPress versions up to, and including, 6.2.8.2
Description: The issue allows unauthenticated attackers to extract potentially sensitive data, including post titles and IDs of pending, private, and draft posts,...

CVSS 5.3 · AI score 9.7 · EPSS 0.00562
Exploits: 0 · References: 7

CNNVD
added 2024/02/03 12:0 a.m. · 7 views

WordPress plugin Anonymous Restricted Content security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 7.5 · AI score 6.4 · EPSS 0.00608
Exploits: 0 · References: 4

Circl
added 2024/02/01 7:1 p.m. · 9 views

CVE-2024-0406

creationtimestamp | type | source
---|---|---
2024-02-01 19:01:53+00:00 | seen | https://t.me/ctinow/177740
2025-01-14 14:03:14+00:00 | seen | https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3lfpg4tm6kb2j
2025-01-14 14:34:04+00:00 | seen | ...

CVSS 7.8 · AI score 7.5 · EPSS 0.00928
Exploits: 1 · References: 8

OSV
added 2024/02/01 10:15 a.m. · 3 views

CVE-2023-52195

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Posts to Page Kerry James allows Stored XSS. This issue affects Kerry James: from n/a through 1.7...

CVSS 5.4 · AI score 7.3 · EPSS 0.00328
Exploits: 0 · References: 1

Vulnrichment
added 2024/02/01 9:43 a.m. · 16 views

CVE-2023-52195 WordPress Posts to Page Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Posts to Page Kerry James allows Stored XSS. This issue affects Kerry James: from n/a through 1.7...

CVSS 6.5 · AI score 6.4 · EPSS 0.00328
Exploits: 0 · References: 1

CNNVD
added 2024/02/01 12:0 a.m. · 3 views

WordPress plugin Posts to Page Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 6.5 · AI score 6.1 · EPSS 0.00328
Exploits: 0 · References: 2

OSV
added 2024/01/31 7:15 p.m. · 3 views

CVE-2024-22159

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS. This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8...

CVSS 6.1 · AI score 7.3 · EPSS 0.00331
Exploits: 0 · References: 1

CVE
added 2024/01/31 6:12 p.m. · 78 views

CVE-2024-22159

CVE-2024-22159 affects WOLF – WordPress Posts Bulk Editor and Manager Professional (versions up to 1.0.8). The vulnerability is improper neutralization of input during web page generation, leading to a Reflected XSS. Impact is a client-side script injection through input that is not properly sani...

CVSS 7.1 · AI score 7 · EPSS 0.00331
Exploits: 0 · References: 1 · Affected Software: 1

OSV
added 2024/01/31 4:15 p.m. · 2 views

CVE-2024-23502

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS. This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a...

CVSS 5.4 · AI score 7.3
Exploits: 0 · References: 1

NVD
added 2024/01/31 4:15 p.m. · 13 views

CVE-2024-23502

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS. This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a...

CVSS 6.5 · AI score 6.4 · EPSS 0.0031
Exploits: 0 · References: 1

Prion
added 2024/01/31 4:15 p.m. · 17 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS. This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a...

CVSS 4.9 · AI score 6.9 · EPSS 0.0031
Exploits: 0 · References: 1 · Affected Software: 1