7 matches found
PT-2025-51084
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to Information Disclosure due to missing authorization in the handle rest pre dispatch function when the Godam plugin is active, in versions 4.7.0 to 4.7.3. This makes it possible for unauthenticated attackers...
Shopware vulnerable to MediaVisibilityRestrictionSubscriber bypass when reading media entities by aggregating fields individually
In Shopware core and platform versions before 6.6.10.7 and 6.7.3.1, media visibility restrictions applied by MediaVisibilityRestrictionSubscriber are not enforced for aggregation API requests. Authorization filters are only injected during standard entity reads; aggregation queries can be...
WordPress WP Private Media Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: WP Private Media; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 97f5406e373a; Credits: Rafie Muhammad Patchstack Require...
WordPress WP Private Media plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP Private Media plugin versions <= 1.0.1. Solution: No patched version available...
WordPress WP Private Media plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP Private Media plugin versions <= 1.0.1. Solution: No patched version available...
Twitter Bans Users From Posting 'Private Media' Without a Person's Consent
Twitter on Tuesday announced an expansion to its private information policy to include private media, effectively prohibiting the sharing of photos and videos without express permission from the individuals depicted in them with an aim to curb doxxing and harassment. "Beginning today, we will not...
GO SMS Pro Android App Exposes Private Photos, Videos and Messages
A security weakness discovered in the GO SMS Pro Android app can be exploited to publicly expose media sent using the app, according to researchers. The GO SMS Pro application is a popular messenger app with more than 100 million downloads from the Google Play store. Researchers at Trustwave...