Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2014-1272

Malware in sbrugna...

9.8CVSS6.9AI score0.00478EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-11093

Malware in sbrugna...

7.5CVSS7.5AI score0.00444EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/05/22 10:47 a.m.4 views

CVE-2017-20086

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

7.5CVSS7.4AI score0.00444EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 12:31 a.m.6 views

CVE-2014-125104

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protectaioseoajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. Th...

9.8CVSS7AI score0.00478EPSS
Exploits0References1
NVD
NVDadded 2023/06/01 1:15 p.m.10 views

CVE-2014-125104

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protectaioseoajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. Th...

9.8CVSS7.1AI score0.00478EPSS
Exploits0References4
Prion
Prionadded 2023/06/01 1:15 p.m.15 views

Out-of-bounds

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protectaioseoajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. Th...

7.5CVSS7.1AI score0.00478EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2023/06/01 1:0 p.m.37 views

CVE-2014-125104

CVE-2014-125104 concerns VaultPress Plugin up to 1.6.0 on WordPress. The vulnerability affects the function protect_aioseo_ajax in the file class.vaultpress-hotfixes.php within the MailPoet Plugin, enabling unrestricted upload. The issue is exploitable remotely. A fix exists: upgrade to VaultPres...

9.8CVSS8AI score0.00478EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2023/06/01 12:0 a.m.2 views

PT-2023-10172 · Unknown · Vaultpress Plugin +1

Name of the Vulnerable Software and Affected Versions: VaultPress Plugin versions up to 1.6.0 Description: A critical issue has been found in the VaultPress Plugin, affecting the protect aioseo ajax function of the class.vaultpress-hotfixes.php file in the MailPoet Plugin component. This issue...

9.8CVSS7.2AI score0.00478EPSS
Exploits0References6
CNNVD
CNNVDadded 2023/06/01 12:0 a.m.2 views

WordPress plugin VaultPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin VaultPress...

9.8CVSS7.1AI score0.00478EPSS
Exploits0References5
NVD
NVDadded 2022/06/23 5:15 a.m.8 views

CVE-2017-20086

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

7.5CVSS0.00444EPSS
Exploits1References2
OSV
OSVadded 2022/06/23 5:15 a.m.8 views

CVE-2017-20086

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

7.5CVSS7.4AI score
Exploits0References2
Prion
Prionadded 2022/06/23 5:15 a.m.12 views

Code injection

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

6CVSS7.9AI score0.00444EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/06/23 4:20 a.m.11 views

CVE-2017-20086 VaultPress Plugin code injection

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

6.3CVSS7.8AI score0.00444EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2022/06/23 4:20 a.m.5 views

CVE-2017-20086 VaultPress Plugin code injection

A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely...

6.3CVSS7.7AI score0.00444EPSS
Exploits1References2
CVE
CVEadded 2022/06/23 4:20 a.m.34 views

CVE-2017-20086

CVE-2017-20086 affects VaultPress Plugin 1.8.4 (WordPress ecosystem). The connected documents consistently describe a code-injection vulnerability in an unspecified part of the plugin that enables remote exploitation. The exact root cause, affected component/version details, and a published fix a...

7.5CVSS7.1AI score0.00444EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2022/06/23 12:0 a.m.1 views

WordPress Plugin VaultPress 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS7.5AI score0.00444EPSS
Exploits1References3
Patchstack
Patchstackadded 2017/09/25 12:0 a.m.15 views

WordPress VaultPress plugin <=1.9 - Unauthenticated RCE vulnerability

Unauthenticated Remote Code Execution RCE vulnerability found by Slavco in WordPress VaultPress plugin version 1.89-1.9. Solution Update the VaultPress plugin to the latest available version at least 1.9.1...

4.7AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDBadded 2017/09/16 12:0 a.m.10 views

VaultPress 1.89-1.9 - Unauthenticated RCE

The builtin WAF must be disabled or bypassed for successful exploitation. v1.89 - Improper usage of opensslverify - signature compare - timing attack unsafe v1.9 - signature compare - timing attack unsafe...

2.4AI score
Exploits0References2Affected Software1
Hacker One
Hacker Oneadded 2017/06/05 10:28 a.m.43 views

Automattic: Unauthenticated RCE in Vaultpress

Hitting wordpress instalattion with vaultpress on it with get parameter vaultpress=true attacker is one method away from RCE and that method is validateapisignature. In this method we have the following constraints: 1. Firewall 2. Usage recomended of openssl to validate API call In case of disabl...

1AI score
Exploits0
0day.today
0day.todayadded 2017/03/05 12:0 a.m.41 views

WordPress VaultPress 1.8.4 Remote Code Execution / Man-In-The-Middle Vulnerabilities

Exploit for php platform in category web applications ------------------------------------------------------------------------ VaultPress - Remote Code Execution via Man in The Middle attack ------------------------------------------------------------------------ David Vaartjes, July 2016...

7.1AI score
Exploits0
Rows per page
Query Builder