157 matches found
CVE-2026-0808
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...
CVE-2026-0808
CVE-2026-0808: The Spin Wheel WordPress plugin (versions up to 2.1.0) allows unauthenticated, client-side prize manipulation by sending a modified prize_index parameter; server-side validation/randomization is missing. Wordfence notes the issue and indicates patches have been applied; ensure upgra...
CVE-2026-0808 Spin Wheel <= 2.1.0 - Unauthenticated Client-Side Prize Manipulation via 'prize_index' Parameter
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...
EUVD-2026-3143
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...
WordPress plugin Spin Wheel has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-3351
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...
WordPress Spin Wheel plugin <= 2.1.0 - Unauthenticated Client-Side Prize Manipulation via 'prize_index' Parameter vulnerability
Unauthenticated Client-Side Prize Manipulation via 'prize_index' Parameter vulnerability discovered by jsonc in WordPress Plugin Spin Wheel versions <= 2.1.0...
Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra
ZDC awarded hackers $320,000 and uncovered a record‑breaking tally of critical CVEs for core cloud infrastructure, underscoring the scale and urgency of securing the open‑source software that underpins the modern cloud...
Cronos Kicks Off $42K Global Hackathon Focused on AI-Powered On-Chain Payments
Cronos launches x402 PayTech Hackathon with $42K prize pool to drive AI-powered on-chain payments using agent tech and Crypto.com tools...
Watch out for Walmart gift card scams
You’ve probably seen it before—a bright, urgent message claiming you’ve qualified for a $750 or $1000 Walmart gift card. All you have to do is answer a few questions. It looks harmless enough. But once you click, you find yourself in a maze of surveys, redirects, and "partner offers"—without ever...
Home Depot Halloween phish gives users a fright, not a freebie
We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart (that’s a sort of four-wheeled wheelbarrow, for anyone unfamiliar) and said it was just one click away. It wasn’t. The whole image in the email was clickable, and it hid plenty of...
Colliding with Adversaries at ECML-PKDD 2025 Adversarial Attack Competition 1st Prize Solution
This report presents the winning solution for Task 1 of Colliding with Adversaries: A Challenge on Robust Learning in High Energy Physics Discovery at ECML-PKDD 2025. The task required designing an adversarial attack against a provided classification model that maximizes misclassification while...
EUVD-2018-9726
Malware in sbrugna...
EUVD-2025-1792
Malicious code in bioql PyPI...
The Booker Prize Longlist and Hacker Summer Camp
Welcome to this week's edition of the Threat Source newsletter. This week the Booker Prize Longlist was released and it featured several books I've read this year, a couple that are on my TBR (To Be Read), a couple that I had not heard of, and a couple that make me scratch my head and question why...
Code-Projects Simple Movie Ticket Booking System security vulnerability
Code-Projects Simple Movie Ticket Booking System is a Code-Projects open source simple movie ticket booking system. A security vulnerability exists in Code-Projects Simple Movie Ticket Booking System version 1.0, which stems from an improper operation of the changeprize function on the parameter...
CVE-2025-0614
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an attacker to modify a single email to contain upper and lower case characters in order to access the application and win prizes as many times as wanted...