Lucene search
K

299 matches found

Nuclei
Nuclei
added yesterday18 views

WordPress Button Generator <2.3.3 - Remote File Inclusion

WordPress Button Generator before 2.3.3 within the wow-company admin menu page allows arbitrary file inclusion with PHP extensions as well as with data:// or http:// protocols, thus leading to cross-site request forgery and remote code execution. id: CVE-2021-25052 info: name: WordPress Button...

8.8CVSS7.5AI score0.0353EPSS
Exploits2References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw89: wow: fixed the GTK offload H2C skbuff issue We mistakenly considered skb to be too large, which might have exceeded skb-end. Therefore, we have corrected this issue. skbuff: skboverpanic: text:ffffffffc09e9a9d...

5.5CVSS5.5AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 1:16 p.m.15 views

CVE-2017-20244

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS0.0027EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/09 11:48 a.m.11 views

CVE-2017-20245 Wow Viral Signups 2.1 WordPress Plugin SQL Injection

Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/09 11:48 a.m.9 views

EUVD-2017-18971

Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/09 11:48 a.m.9 views

EUVD-2017-18970

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 11:48 a.m.23 views

CVE-2017-20244

CVE-2017-20244 affects Wow Forms WordPress Plugin version 2.1. The vulnerability is an SQL injection in admin-ajax.php handling the send_mwp_form action, exploitable via an unescaped POST parameter mwpformid, allowing unauthenticated attackers to read arbitrary database information. Reported CVSS...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 11:48 a.m.20 views

CVE-2017-20245

CVE-2017-20245 affects the Wow Viral Signups 2.1 WordPress plugin. It describes an SQL injection through the unescaped idsignup POST parameter in admin-ajax.php, allowing unauthenticated attackers to extract data from the database. CVSS 3.1 base score 8.2 (HIGH) and CVSS 4.0 base score 8.8 (HIGH)...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/09 11:48 a.m.10 views

CVE-2017-20244 Wow Forms WordPress Plugin 2.1 SQL Injection

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47768

Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.8 views

WordPress plugin Wow Viral Signups SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

WordPress plugin Wow Forms SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47767

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.9 views

CVE-2026-27393

Missing Authorization vulnerability in Tobias CF7 WOW Styler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 WOW Styler: from n/a through 1.7.6...

5.3CVSS5.4AI score0.00171EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.8 views

SUSE CVE-2026-46271

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

5.8AI score0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/03 3:50 p.m.42 views

CVE-2026-46271 wifi: ath12k: do WoW offloads only on primary link

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

7.8CVSS0.00119EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:50 p.m.9 views

CVE-2026-46271

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

5.8AI score0.00119EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/03 3:50 p.m.9 views

EUVD-2026-34133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

5.8AI score0.00119EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k driver’s ability to enable WoW unloading for both the primary and auxiliary links duri...

7.8CVSS5.4AI score0.00119EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 9:16 a.m.13 views

CVE-2026-27393

Missing Authorization vulnerability in Tobias CF7 WOW Styler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 WOW Styler: from n/a through 1.7.6...

5.3CVSS0.00171EPSS
Exploits0References1
Rows per page
Query Builder