Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Patchstack
Patchstackadded 2026/02/19 12:5 a.m.4 views

WordPress Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin <= 21.0.9 - Missing Authorization to Authenticated (Subscriber+) Email MFA Update vulnerability

Missing Authorization to Authenticated Subscriber+ Email MFA Update vulnerability discovered by shark3y in WordPress Plugin Shield Security versions = 21.0.9...

4.3CVSS5.5AI score0.00013EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/04/24 8:36 a.m.3 views

WordPress WooCommerce Customers Manager plugin < 29.8 - Subscriber+ Email Disclosure vulnerability

Subscriber+ Email Disclosure vulnerability discovered by Erwan LR WPScan in WordPress Plugin WooCommerce Customers Manager versions 29.8...

6.5CVSS7AI score0.00082EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2022/05/09 4:50 p.m.14 views

CVE-2022-0424 Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure

The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users...

5.7AI score0.41967EPSS
Exploits2References1
ATTACKERKB
ATTACKERKBadded 2022/02/21 11:15 a.m.3 views

CVE-2022-0164

The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users...

4.3CVSS5.6AI score0.00087EPSS
Exploits2References3
Prion
Prionadded 2017/03/09 9:59 a.m.23 views

Sql injection

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/subscriberlist.php with the POST Parameter: subscriberemail...

6.5CVSS7.3AI score0.00729EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Stormadded 2012/02/25 12:0 a.m.29 views

Assembla.com Cross Site Scripting

Date: 25.02.2012 Author: Sony Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/02/assemblacom-cross-site-scripting.html .................................................................. Create FreeSpace...

Exploits0
Exploit DB
Exploit DBadded 2006/12/23 12:0 a.m.33 views

open NewsLetter 2.5 - Multiple Vulnerabilities (2)

!/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: None\r\n"; echo " |- Es: php ".$argv0." localhost /opnletter/ 1\r\n\r\n"; echo " 2 - Credential Retrieve\r\n"; echo " |- Related: None\r\n"; echo " |- Es: php...

7.4AI score
Exploits0
Rows per page
Query Builder