Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

NVD
NVDadded 2026/06/16 10:16 a.m.11 views

CVE-2026-49774

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/16 9:2 a.m.8 views

EUVD-2026-37056

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 9:2 a.m.17 views

CVE-2026-49774

CVE-2026-49774 describes an "Improper Control of Generation of Code (Code Injection)" vulnerability in the WordPress RD Station plugin

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 9:2 a.m.29 views

CVE-2026-49774 WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/06/04 12:52 p.m.7 views

WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by ParkHyunWoo in WordPress Plugin RD Station versions = 5.6.0...

9.9CVSS5.7AI score0.0028EPSS
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-40741

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00271EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2024-47883

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00313EPSS
Exploits0References3
NVD
NVDadded 2024/09/05 10:15 a.m.18 views

CVE-2024-6894

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00313EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/09/05 9:29 a.m.39 views

CVE-2024-6894 RD Station <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00313EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/09/05 9:29 a.m.16 views

CVE-2024-6894 RD Station <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS6AI score0.00313EPSS
Exploits0References3
CVE
CVEadded 2024/09/05 9:29 a.m.51 views

CVE-2024-6894

RD Station plugin for WordPress ≤ 5.3.2 is affected by a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization and output escaping of post metaboxes. This allows authenticated attackers with Contributor+ privileges to inject arbitrary scripts that execute when ...

6.4CVSS5.5AI score0.00313EPSS
Exploits0References4Affected Software1
Patchstack
Patchstackadded 2024/09/05 2:59 a.m.5 views

WordPress RD Station plugin <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin RD Station versions = 5.3.2...

6.4CVSS5.7AI score0.00313EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/09/05 12:0 a.m.19 views

WordPress RD Station Plugin <= 5.3.2 is vulnerable to Cross Site Scripting (XSS)

Software RD Station Type Plugin Vulnerable versions = 5.3.2 Fixed in 5.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6894 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 32a1d7bae015 Credits Webbernaut Required privilege...

6.4CVSS5.8AI score0.00313EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2024/09/05 12:0 a.m.7 views

WordPress plugin RD Station 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.9AI score0.00313EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/09/04 12:0 a.m.5 views

PT-2024-37935 · WordPress · Rd Station Plugin

Name of the Vulnerable Software and Affected Versions: RD Station plugin for WordPress versions up to, and including, 5.3.2 Description: The RD Station plugin for WordPress has a Stored Cross-Site Scripting issue due to insufficient input sanitization and output escaping of post metaboxes added b...

6.4CVSS6.2AI score0.00313EPSS
Exploits0References10
OSV
OSVadded 2022/09/13 2:15 p.m.2 views

CVE-2022-38139

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2022/09/13 2:15 p.m.14 views

CVE-2022-38139

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

8.8CVSS0.00271EPSS
Exploits0References1
Prion
Prionadded 2022/09/13 2:15 p.m.16 views

Cross site request forgery (csrf)

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

6.8CVSS8.9AI score0.00271EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2022/09/13 1:59 p.m.66 views

CVE-2022-38139

The CVE-2022-38139 entry refers to multiple CSRF vulnerabilities in the WordPress RD Station plugin, affected versions 5.2.0 and earlier. Technical details from connected sources indicate the issue stems from missing CSRF checks in various parts of the plugin, enabling potential unauthorized acti...

8.8CVSS7.4AI score0.00271EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/09/13 1:59 p.m.16 views

CVE-2022-38139 WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

5.4CVSS9.2AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder