Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2026/05/15 6:45 a.m.8 views

CVE-2026-6646

The CVE concerns The7 Theme for WordPress (versions up to and including 14.3.2). A Stored Cross-Site Scripting vulnerability exists in the dt_default_button shortcode due to insufficient input sanitization and output escaping of the title component within the link shortcode parameter. This allows...

6.4CVSS6AI score0.00047EPSS
Exploits0References8
Patchstack
Patchstackadded 2026/05/14 12:0 a.m.4 views

WordPress The7 — Website and eCommerce Builder for WordPress theme <= 14.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Theme The7 versions = 14.3.2...

6.4CVSS5.8AI score0.00047EPSS
Exploits0References1Affected Software1
Snyk
Snykadded 2025/01/21 9:21 p.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure which allows an attacker to determine the existence of user accounts by analyzing the response times and codes. Remediation Upgrade Umbraco.Cms.Core to version 14.3.2, 15.1.2 or higher. References - GitHub Commit -...

6.9CVSS6.8AI score0.35161EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2025/01/21 9:21 p.m.37 views

Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes

Impact Based on an analysis of response codes and timing of Umbraco 14+ management API responses, it's possible to determine whether an account exists. Patches Patched in 14.3.2 and 15.1.2. Workarounds None available...

5.3CVSS5.1AI score0.35161EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2025/01/21 4:15 p.m.17 views

CVE-2025-24011

Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and...

5.3CVSS0.35161EPSS
Exploits1References3
OSV
OSVadded 2020/09/18 3:15 p.m.0 views

CVE-2020-9745

Adobe Media Encoder version 14.3.2 and earlier versions has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to...

7.1CVSS7AI score
Exploits0References1
Prion
Prionadded 2020/09/18 3:15 p.m.15 views

Design/Logic Flaw

Adobe Media Encoder version 14.3.2 and earlier versions has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to...

5.8CVSS6.5AI score0.01616EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder