Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.10 views

PT-2026-46380

Unauthenticated Local File Inclusion in Roneous = 2.1.5 versions...

8.1CVSS5.2AI score0.00474EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.11 views

PT-2026-46343

Unauthenticated PHP Object Injection in Plumbing = 1.6 versions...

9.8CVSS5.3AI score0.00386EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/01/17 2:59 a.m.215 views

Exploit for CVE-2025-8489

100-days-challenge-day-21--WP scan WP Scan helped identify co...

10CVSS8.8AI score0.20631EPSS
Exploits10
Veracode
Veracode
added 2025/11/05 6:8 a.m.5 views

Client-Side Content Injection (XSS)

dotnetnuke.core is vulnerable to Client-Side Content Injection XSS. The vulnerability is due to improper validation of query parameters, which allows an attacker to load and exploit vulnerable themes on client browsers without the site owner’s knowledge...

6.5CVSS7.1AI score0.00322EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/05/02 4:15 a.m.2 views

CVE-2024-13418

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...

8.8CVSS6.4AI score0.00595EPSS
Exploits0References2
Prion
Prion
added 2023/06/07 2:15 a.m.14 views

Remote code execution

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina Lite = 2.0.4,...

7.5CVSS9.6AI score0.65342EPSS
Exploits1References5Affected Software16
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.15 views

CVE-2020-36708 Epsilon Framework Themes (Various Versions) - Function Injection

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina Lite = 2.0.4,...

9.8CVSS7.4AI score0.65342EPSS
Exploits1References5
Kitploit
Kitploit
added 2021/07/14 9:30 p.m.46 views

Wpscvn - Wpscvn Is A Tool For Pentesters, Website Owner To Test If Their Websites Had Some Vulnerable Plugins Or Themes

wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. requires : Python 3 usage ...

7.3AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/05/03 12:0 a.m.33 views

WordPress Slider Revolution Shell Upload

Description Note: The Construct, Echelon, Fusion, Method, Modular and Myriad affected themes are from the Mysitemyway, who went out of business, and the themes have been forked by BackStop Themes who does not use Revslider...

7.5CVSS6.4AI score0.75256EPSS
Exploits2References2
securityvulns
securityvulns
added 2014/10/14 12:0 a.m.56 views

XSS vulnerability in In-Portal CMS

Hello 3APA3A! After I informed developers in August about multiple vulnerabilities in In-Portal CMS and they answered they would fix them soon so wait for disclosure of the first vulnerabilities, I found new hole in this CMS at their official site. This is Cross-Site Scripting vulnerability in...

0.2AI score
Exploits0
0day.today
0day.today
added 2014/09/18 12:0 a.m.70 views

WordPress 0day - Hades Plus Framework Add Administrator

Exploit for php platform in category web applications Exploit Title : WordPress 0day - Hades Plus Framework Add Administrator Exploit Author : NULLPointer Date : 18/09/2014 Version: 6.2 Tested on : Linux, Windows 7 -------------------------------------------------------------- WordPress Hades...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.40 views

Vulnerabilities in multiple themes for WordPress with jPlayer

Hello 3APA3A! I want to inform you about multiple vulnerabilities in multiple themes for WordPress with jPlayer. These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities. I've wrote about vulnerabilities in jPlayer earlier...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/10/04 12:0 a.m.33 views

Vulnerability in multiple themes for Drupal

Hello list! The endless saga continue. After informing about a lot of vulnerable plugins and widgets with this swf-file, here is information about multiple vulnerable themes ;-. I want to warn you about Cross-Site Scripting vulnerability in multiple themes for Drupal. And a lot of other themes fo...

0.5AI score
Exploits0
Rows per page
Query Builder