Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Patchstack
Patchstackadded 2023/06/20 12:0 a.m.12 views

WordPress CMS Commander Plugin <= 2.287 is vulnerable to Broken Access Control

Software CMS Commander Type Plugin Vulnerable versions = 2.287 Fixed in 2.288 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3325 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 74937eb26e46 Credits Lana Codes Required privilege...

9.8CVSS6.6AI score0.00116EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2022/05/24 5:46 p.m.0 views

GHSA-PVWX-3JX5-24R2 Lack of type validation in agent related REST API in Jenkins

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API endpoint of a node. This allows attackers with Computer/Configure permission to replace a node with one of a different type. Jenkins 2.287, L...

4.3CVSS5.9AI score0.00703EPSS
Exploits0References5
Rows per page
Query Builder