CVE-2018-25437
WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...
CVE-2026-3535
The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the DSGVOGWPdownloadGoogleFonts function in all versions up to, and including, 1.1. The function is exposed via a wp_ajax_nopriv hook, requiring no authentication. It...
PT-2026-46323
Unauthenticated Local File Inclusion in Imba = 1.5.0 versions...
PT-2026-46320
Unauthenticated Local File Inclusion in Geya = 1.15 versions...
PT-2026-46342
Unauthenticated Local File Inclusion in Fortius = 2.3.0 versions...
PT-2026-46372
Unauthenticated Local File Inclusion in Spike = 1.2 versions...
PT-2026-46363
Unauthenticated Local File Inclusion in Printo = 1.11 versions...
PT-2026-46329
Unauthenticated Local File Inclusion in Planty = 1.14.0 versions...
PT-2026-46328
Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...
PT-2026-46370
Unauthenticated Local File Inclusion in Gunslinger = 1.7 versions...
PT-2026-46322
Unauthenticated Local File Inclusion in Modernee = 1.6.0 versions...
PT-2026-46353
Unauthenticated Local File Inclusion in Preservation = 1.10 versions...
PT-2026-46331
Unauthenticated Local File Inclusion in MaxiNet = 1.2.10 versions...
PT-2026-46330
Unauthenticated Local File Inclusion in Nexio = 1.10.0 versions...
PT-2026-46367
Unauthenticated Local File Inclusion in WineShop = 3.17 versions...
PT-2026-46374
Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...
Wordfence Bug Bounty Program Monthly Report – March 2026
In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...
EUVD-2024-55564
Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 13, 2026 to April 19, 2026)
Last week, there were 139 vulnerabilities disclosed in 118 WordPress Plugins and 10 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 85 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...
WPProbe Plugin Enumeration Tool 0.11.2
A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...