Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-25129

Malicious code in bioql PyPI...

8.3CVSS8.6AI score0.00441EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2025/05/01 10:39 p.m.278 views

Exploit for SQL Injection in Valvepress Automatic

WP Automatic Plugin SQL Injection Exploit CVE-2024-27956 !...

9.9CVSS9.1AI score0.93693EPSS
Exploits16
RedhatCVE
RedhatCVEadded 2025/02/05 3:55 a.m.6 views

CVE-2024-27954

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0...

9.3CVSS6.8AI score0.93313EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/02/05 3:46 a.m.3 views

CVE-2024-27955

Cross-Site Request Forgery CSRF vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0...

8.3CVSS7AI score0.00441EPSS
Exploits0References1
Metasploit
Metasploitadded 2024/10/30 6:56 p.m.347 views

WordPress wp-automatic Plugin SQLi Admin Creation

This module exploits an unauthenticated SQL injection vulnerability in the WordPress wp-automatic plugin versions use exploit/multi/http/wpautomaticsqlitorce msf exploitwpautomaticsqlitorce show targets ...targets... msf exploitwpautomaticsqlitorce set TARGET msf exploitwpautomaticsqlitorce show...

9.9CVSS10AI score0.93693EPSS
Exploits16
0day.today
0day.todayadded 2024/10/30 12:0 a.m.173 views

WordPress WP-Automatic SQL Injection Exploit

This Metasploit module exploits an unauthenticated SQL injection vulnerability in the WordPress wp-automatic plugin versions prior to 3.92.1 to achieve remote code execution. The vulnerability allows the attacker to inject and execute arbitrary SQL commands, which can be used to create a maliciou...

9.9CVSS8.9AI score0.93693EPSS
Exploits16
NVD
NVDadded 2024/05/17 9:15 a.m.10 views

CVE-2024-27955

Cross-Site Request Forgery CSRF vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0...

8.8CVSS8.3AI score0.00441EPSS
Exploits0References1
NVD
NVDadded 2024/05/17 9:15 a.m.22 views

CVE-2024-27954

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0...

9.3CVSS9.3AI score0.93313EPSS
Exploits2References1
The Hacker News
The Hacker Newsadded 2024/04/26 5:49 a.m.74 views

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior t...

9.9CVSS10AI score0.93693EPSS
Exploits20
WPVulnDB
WPVulnDBadded 2014/08/01 10:58 a.m.11 views

Automatic 2.0.3 - csv.php q Parameter SQL Injection

The wp-automatic WordPress plugin was affected by a csv.php q Parameter SQL Injection security vulnerability...

3.2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder