Lucene search
K

16050 matches found

Nuclei
Nuclei
added yesterday18 views

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Privilege escalation vulnerability exists in the Frontend Login and Registration Blocks plugin for WordPress versions = 1.0.7. An unauthenticated attacker can exploit the AJAX endpoint flrblocksusersettingshandleajaxcallback to change the administrator's email address. Subsequently, the attacker...

9.8CVSS7AI score0.06441EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday16 views

Hippoo Mobile App for WooCommerce <= 1.9.4 - Authentication Bypass to Admin Account Takeover

Hippoo Mobile App for WooCommerce WordPress plugin = 1.9.4 contains an authentication bypass caused by logic conflation in user permission checks, letting unauthenticated attackers take over administrator accounts via REST API password reset. id: CVE-2026-10580 info: name: Hippoo Mobile App for...

9.8CVSS6.1AI score0.02841EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday11 views

BMC FootPrints - Authentication Bypass

BMC FootPrints versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability in the password reset functionality. Unauthenticated attackers can access the /footprints/servicedesk/passwordreset/request/ endpoint to obtain a valid SECTOKEN session cookie without proper...

9.1CVSS6.2AI score0.3436EPSS
Exploits4References2
Nuclei
Nuclei
added yesterday13 views

PHP Login System 2.0.1 - Cross-Site Scripting

msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...

6.1CVSS6.6AI score0.00824EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday10 views

LG LED Assistant - Unauthenticated Password Reset

The /api/changePw endpoint in LG LED Assistant allows unauthenticated password resets when requests are considered to come from localhost. An attacker can spoof the X-Forwarded-For header with value 127.0.0.1 to trigger the behavior and receive a success response. id: CVE-2024-2862 info: name: LG...

9.8CVSS6.1AI score0.51001EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday12 views

ThemeGrill Demo Importer < 1.6.2 - Database Reset

ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a resetwizardactions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state...

9.1CVSS7.1AI score0.03429EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday14 views

Piwigo - User Enumeration via Password Reset

Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier 15.x releases, the password reset functionality in Piwigo allows an unauthenticated attacker to determine whether a given username or email address exists in the system. The endpoint at...

6.9CVSS6.1AI score0.00766EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday13 views

LiquidFiles < 4.2 - User Enumeration via Password Reset

LiquidFiles filetransfer server before 4.2 contains a user enumeration vulnerability caused by distinguishable responses in password reset functionality, letting unauthenticated attackers enumerate valid user accounts, exploit requires no authentication. id: CVE-2025-56132 info: name: LiquidFiles...

7.3CVSS6.1AI score0.00648EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday44 views

iTop - User Enumeration via REST Endpoint

From the webservices/rest.php file, several operations are accessible from an unauthenticated user. One of them is doresetpwd, allowing to reset a user password. This feature can be abused to perform user enumeration when a non-existent user is provided. id: CVE-2024-51739 info: name: iTop - User...

7.5CVSS7AI score0.01259EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday16 views

Profile Builder < 3.4.9 - Improper Authentication

The Profile Builder plugin before 3.4.9 for WordPress allows unauthenticated attackers to gain administrative access by exploiting an improper authentication vulnerability in the password reset functionality. An attacker can reset the password of any user, including administrators, without proper...

10CVSS7AI score0.07696EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday16 views

NocoDB < 0.258.0 - Reflected XSS in Password Reset

NocoDB versions before 0.258.0 contain a reflected cross-site scripting caused by insecure use of '\u003C%-' in resetPassword.ts, letting attackers execute malicious scripts in victims' browsers, exploit requires sending crafted requests to /api/v1/db/auth/password/reset/:tokenId. id:...

6.1CVSS6.1AI score0.00683EPSS
Exploits1References3
NVD
NVD
added 2 days ago7 views

CVE-2026-56313

Capgo before 12.128.2 contains a cross-organization account disruption vulnerability in the SSO prelink endpoint that allows enterprise administrators to delete password identities of users in foreign organizations. Attackers with org.updatesettings permission and an active SSO provider can call...

8.1CVSS0.00276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-57416

Name of the Vulnerable Software and Affected Versions The Essential Addons for Elementor versions prior to 6.6.11 Description Insufficient server-side validation of a Login/Register widget setting allows authenticated attackers with Contributor-level access or higher to perform Email Header...

8.8CVSS6.1AI score0.00367EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-57403

Name of the Vulnerable Software and Affected Versions SureCart versions prior to 4.2.4 Description An issue exists that allows privilege escalation via account takeover. The software fails to properly validate a user's identity when updating details, such as the email address, during customer...

8.1CVSS6.1AI score0.00302EPSS
Exploits0References7
NVD
NVD
added 4 days ago7 views

CVE-2026-58503

Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the resetpassword endpoint. This issue is fixed in versions 16.16.0 and 15.106.0...

6.9CVSS0.00354EPSS
Exploits0References7
CVE
CVE
added 4 days ago8 views

CVE-2026-58503

Frappe CVE-2026-58503 affects the reset_password endpoint, allowing unauthenticated user enumeration prior to versions 16.16.0 and 15.106.0. The issue is mitigated by the fixes introduced in 16.16.0 and 15.106.0. The CVSS metrics (v4.0) indicate NETWORK access with low attack complexity and no pr...

6.9CVSS6.1AI score0.00354EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-58503 Frappe: Unauthenticated User Enumeration via reset_password

Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the resetpassword endpoint. This issue is fixed in versions 16.16.0 and 15.106.0...

6.9CVSS0.00354EPSS
Exploits0References7
The Hacker News
The Hacker News
added 4 days ago11 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42882

Capgo before 12.128.2 contains an authentication bypass vulnerability in the password change endpoint that allows attackers to change user passwords without requiring current password confirmation. Attackers with temporary session access can exploit this flaw to permanently lock out legitimate...

8.7CVSS6.1AI score0.00357EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-6440

The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1.8. This is due to a missing nonce verification in the resetcredential function, which handles the...

4.3CVSS0.00168EPSS
Exploits0References8
Rows per page
Query Builder