Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2026/05/22 3:39 a.m.10 views

CVE-2026-7249

The CVE-2026-7249 entry pertains to the WordPress Location Weather plugin (versions up to 3.0.2). It lacks capability checks in splw_update_block_options() and lwp_clean_weather_transients(), allowing authenticated contributors+ to disable all weather blocks and purge weather cache transients. Th...

4.3CVSS5.8AI score0.00012EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/02/24 10:42 p.m.3 views

CVE-2026-23694

Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...

5.1CVSS5.2AI score0.00043EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/10/10 12:0 a.m.2 views

PT-2024-39562 · Authd +1 · Authd +1

Name of the Vulnerable Software and Affected Versions: Authd versions 0.3.6 and earlier Description: A local attacker who can register user names could spoof another user's ID and gain their privileges due to insufficient randomization of user IDs. The issue arises from the GenerateID method, whi...

10CVSS6.4AI score0.94047EPSS
Exploits22References213
Positive Technologies
Positive Technologiesadded 2024/07/09 12:0 a.m.3 views

PT-2024-37173 · WordPress · Wp2Speed Faster – Optimize Pagespeed Insights Score

Name of the Vulnerable Software and Affected Versions: WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin for WordPress versions up to, and including, 1.0.1 Description: The issue is due to the use of hardcoded credentials to authenticate all incoming API requests. This allows...

5.3CVSS7AI score0.00432EPSS
Exploits0References10
ATTACKERKB
ATTACKERKBadded 2023/04/06 8:15 p.m.1 views

CVE-2023-1920

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpurgecachevarnishcallback function. This makes it possible for unauthenticated attackers to purge the...

4.3CVSS6.6AI score0.00118EPSS
Exploits0References4
Cvelist
Cvelistadded 2023/04/06 8:5 p.m.21 views

CVE-2023-1929 WP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_purgecache_varnish_callback'

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfcpurgecachevarnishcallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to pur...

4.3CVSS4.5AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/04/06 12:0 a.m.3 views

PT-2023-17340 · WordPress · Wp Fastest Cache

Name of the Vulnerable Software and Affected Versions: WP Fastest Cache versions up to, and including, 1.1.2 Description: The issue is due to missing or incorrect nonce validation on the wpfc purgecache varnish callback function, making it possible for unauthenticated attackers to purge the varni...

4.3CVSS9.5AI score0.00118EPSS
Exploits0References8
Rows per page
Query Builder