66 matches found
Sub2API Security Vulnerability
Sub2API is an API gateway platform developed by Wesley Liddick. Versions of Sub2API prior to 0.1.85 contain security vulnerabilities that stem from password reset attacks and could lead to account takeover...
WordPress Elementor Addon Elements plugin <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions <= 1.13.3...
WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions <= 2.9.12...
WordPress Royal Elementor Addons and Templates plugin <= 1.3.971 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Royal Elementor Addons versions <= 1.3.971...
WordPress WPCOM Member plugin <= 1.7.16 - Authentication Bypass via Weak OTP vulnerability
Authentication Bypass via Weak OTP vulnerability discovered by wesley wcraft in WordPress Plugin WPCOM Member versions <= 1.7.16...
WordPress miniOrange Social Login and Register Pro Addon plugin <= 200.3.9 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin miniOrange Social Login and Register Pro Addon versions <= 200.3.9...
WordPress WPCOM Member plugin <= 1.7.5 - Authentication Bypass via 'user_phone' vulnerability
Authentication Bypass via 'user_phone' vulnerability discovered by wesley wcraft in WordPress Plugin WPCOM Member versions <= 1.7.5...
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.6 - Unauthenticated User Information Exposure vulnerability
Unauthenticated User Information Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Post Grid and Gutenberg Blocks versions <= 2.3.6...
WordPress Classified Listing – Classified ads & Business Directory Plugin plugin <= 4.0.4 - Unauthenticated Settings Exposure vulnerability
Unauthenticated Settings Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Classified Listing versions <= 4.0.4...
WordPress Pie Register plugin <= 3.8.4 - Sensitive Information Exposure via Log Files vulnerability
Sensitive Information Exposure via Log Files vulnerability discovered by wesley wcraft in WordPress Plugin Pie Register versions <= 3.8.4...
WordPress Groundhogg plugin <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function vulnerability
Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function vulnerability discovered by wesley wcraft in WordPress Plugin Groundhogg versions <= 3.7.3.5...
WordPress Social Login plugin <= 5.9.0 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Social Login versions <= 5.9.0...
WordPress User Meta plugin <= 3.1 - Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
Insecure Direct Object Reference to Sensitive Information Exposure vulnerability discovered by wesley wcraft in WordPress Plugin User Meta versions <= 3.1...
WordPress Heateor Social Login WordPress plugin <= 1.1.35 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Heateor Social Login versions <= 1.1.35...
WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication
Software: Heateor Social Login | Type: Plugin | Vulnerable versions: <= 1.1.35 | Fixed in: 1.1.36 | OWASP Top 10: A7: Identification and Authentication Failures | Classification: Broken Authentication | CVE: CVE-2024-10020 | Patch priority: High | CVSS severity: High 8.1 | Developer: Claim ownership | PSID: 0cb2e3c4d2f1 | Credits...
WordPress Social Login - WordPress Plugin plugin <= 2.7.7 - Authentication Bypass vulnerability
WordPress Social Login - WordPress Plugin plugin <= 2.7.7 - Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin WooCommerce Social Login versions <= 2.7.7...
WordPress Loginizer plugin <= 1.9.2 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Loginizer versions <= 1.9.2...
WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication
Software: Loginizer Security | Type: Plugin | Vulnerable versions: <= 1.9.2 | Fixed in: 1.9.3 | OWASP Top 10: A7: Identification and Authentication Failures | Classification: Broken Authentication | CVE: CVE-2024-10097 | Patch priority: High | CVSS severity: High 8.1 | Developer: Claim ownership | PSID: 39d130db7003 | Credits...
WordPress Wp Social Login and Register Social Counter plugin <= 3.0.7 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Wp Social versions <= 3.0.7...
WordPress Wp Social Plugin <= 3.0.7 is vulnerable to Broken Authentication
Software: Wp Social | Type: Plugin | Vulnerable versions: <= 3.0.7 | Fixed in: 3.0.8 | OWASP Top 10: A2: Broken Authentication | Classification: Broken Authentication | CVE: CVE-2024-9501 | Patch priority: High | CVSS severity: High 9.8 | Developer: Wpmet | PSID: 239b8bacd5e7 | Credits: wesley wcraft | Required privilege...