Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/20 7:27 p.m.1 views

CVE-2026-5478

The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including, 3.4.4. This is due to the plugin trusting attacker-controlled oldfiles data from public form submissions as legitimate server-side upload state, and converting...

8.1CVSS5.8AI score0.00059EPSS
Exploits0References6
NVD
NVDadded 2025/08/13 5:15 a.m.4 views

CVE-2025-7384

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.3 via deserialization of untrusted input in the getleaddetail function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS0.02022EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/08/27 12:0 a.m.2 views

PT-2024-37533 · WordPress · Funnelforms Free

Name of the Vulnerable Software and Affected Versions: Funnelforms Free plugin for WordPress versions up to, and including, 3.7.3.2 Description: The issue is related to arbitrary file deletion due to the plugin not properly validating a file or its path prior to deletion. This is made possible vi...

6.5CVSS7.6AI score0.1278EPSS
Exploits0References9
CNNVD
CNNVDadded 2021/06/21 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WP Config File Editor WordPress plugin 1.7.1 and earlier versions...

5.4CVSS5.7AI score0.00368EPSS
Exploits2References1
Kitploit
Kitploitadded 2019/11/07 12:0 p.m.1246 views

Github-Dorks - Collection Of Github Dorks And Helper Tool To Automate The Process Of Checking Dorks

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to ...

7.3AI score
Exploits0References6
0day.today
0day.todayadded 2017/03/16 12:0 a.m.31 views

Wordpress Membership Simplified v1.58 Plugin - Arbitrary File Download Exploit

Exploit for php platform in category web applications import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download\nDiscovery:...

1.9CVSS6.4AI score0.39956EPSS
Exploits7
Exploit DB
Exploit DBadded 2011/09/19 12:0 a.m.32 views

WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion

Exploit Title: Disclosure Policy Plugin Wordpress plugin RFI Google Dork: inurl:wp-content/plugins/disclosure-policy-plugin Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing Software Link: http://wordpress.org/extend/plugins/disclosure-policy-plugin/download/...

7.4AI score
Exploits0
Rows per page
Query Builder