Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

Nuclei
Nucleiadded 17 hours ago479 views

WordPress File Manager Plugin - Remote Code Execution

The WordPress File Manager plugin prior to version 6.9 is susceptible to remote code execution. The vulnerability allows unauthenticated remote attackers to upload .php files. id: CVE-2020-25213 Uploaded file will be accessible at:-...

10CVSS8.4AI score0.94411EPSS
Exploits13References5
Nuclei
Nucleiadded yesterday27 views

WordPress Plugin File Manager (wp-file-manager) Backup Disclosure

mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fmbackups directory with a .htaccess file. This results in the ability for unauthenticated users to browse and download any site backups, which sometimes include full database backups, that the plugin has taken...

7.5CVSS7.1AI score0.64994EPSS
Exploits2References5
GithubExploit
GithubExploitadded 2020/08/25 10:7 p.m.4 views

Exploit for Unrestricted Upload of File with Dangerous Type in Webdesi9 File_Manager

CVE-2020-25213 wp-file-manager 6.7 20th Aug 2020 Wordpress...

10CVSS6.9AI score0.94411EPSS
Exploits13
Packet Storm
Packet Stormadded 2017/12/20 12:0 a.m.77 views

WordPress Custom Map 1.1 Cross Site Scripting

Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web...

0.00209EPSS
Exploits3
0day.today
0day.todayadded 2017/12/20 12:0 a.m.34 views

WordPress Custom Map 1.1 Cross Site Scripting Vulnerability

WordPress Custom Map plugin version 1.1 suffers from a cross site scripting vulnerability. Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the...

4.3CVSS6.2AI score0.00209EPSS
Exploits3
Rows per page
Query Builder