Lucene search
K
AttackerkbRecent

75017 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/03 9:31 a.m.8 views

CVE-2026-5137

The RTMKit rometheme-for-elementor plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7 This is due to insufficient path validation on the 'template' parameter in the rendertemplates AJAX endpoint, which is used directly in a require/include statement...

4.3CVSS6.2AI score0.00266EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:58 a.m.11 views

CVE-2026-4322

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows Reflected XSS. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:54 a.m.9 views

CVE-2026-4321

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

9.8CVSS6AI score0.00266EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:8 a.m.7 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS6AI score0.0016EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.9 views

CVE-2026-11398

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.6.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

5.3CVSS6AI score0.00338EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.6 views

CVE-2026-9756

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.6 views

CVE-2026-4804

The Zakra theme for WordPress is vulnerable to Stored Cross-Site Scripting via post meta values in all versions up to, and including, 4.2.0. This is due to the theme registering three post meta fields zakramenuitemcolor, zakramenuitemhovercolor, and zakramenuitemactivecolor with 'showinrest' = tr...

6.4CVSS6.1AI score0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.8 views

CVE-2026-11778

The The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.2.14. This is due to the software allowing users to execute an action that does not properly validate a value...

5.4CVSS6.3AI score0.00255EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.5 views

CVE-2026-11900

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.8.16 via the 'data' attribute of the adinserter shortcode. This is due to the replaceaitags function processing a reusable-block-N tag pattern that...

4.3CVSS6AI score0.00273EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:48 a.m.6 views

CVE-2026-47896

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS5.9AI score0.00703EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:48 a.m.10 views

CVE-2026-47897

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS5.9AI score0.00616EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:47 a.m.10 views

CVE-2026-47898

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

4CVSS5.9AI score0.00328EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:40 a.m.10 views

CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score0.00082EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:26 a.m.8 views

CVE-2026-14544

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS6.2AI score0.00511EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:50 a.m.6 views

CVE-2026-9148

The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the guest commenter 'Website' field in versions up to, and including, 7.6.56 This is due to insufficient output escaping in the getCommentAuthor function, which interpolates the stored commentauthorurl...

7.2CVSS6.1AI score0.00305EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:50 a.m.6 views

CVE-2026-9230

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00312EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:50 a.m.8 views

CVE-2026-8351

The RTMKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading widget's 'Background Text' parameter in versions up to, and including, 2.0.7 This is due to insufficient output escaping on the 'backgroundtextheading' setting in the render function, which...

6.4CVSS6.1AI score0.00245EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:18 a.m.8 views

CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

6AI score0.00508EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:18 a.m.7 views

CVE-2026-9546

A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result the previous referrer string was erroneously...

5.9AI score0.00652EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:17 a.m.7 views

CVE-2026-9545

In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second transfer to the same site it has been replaced by the attacker's impostor machine - without a valid certificate. When libcurl returns to the hostname the second time with a cached SSL...

5.9AI score0.00408EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:17 a.m.8 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

5.9AI score0.00494EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:16 a.m.10 views

CVE-2026-9079

libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them...

6AI score0.01064EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:16 a.m.10 views

CVE-2026-8932

libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, some TLS...

6.2AI score0.00368EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:16 a.m.8 views

CVE-2026-8927

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

5.9AI score0.00752EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:15 a.m.9 views

CVE-2026-8926

When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...

6AI score0.0061EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:15 a.m.11 views

CVE-2026-8925

The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the same pointer twice...

5.9AI score0.0108EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:15 a.m.8 views

CVE-2026-8924

A flaw in curl’s cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that curl subsequently scopes and transmits to unrelated third-party domains...

6AI score0.00649EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:14 a.m.12 views

CVE-2026-8458

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

6AI score0.00543EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:14 a.m.9 views

CVE-2026-8286

A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not...

5.9AI score0.0052EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:13 a.m.14 views

CVE-2026-12064

When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...

6AI score0.00574EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:13 a.m.11 views

CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

6AI score0.01064EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:13 a.m.8 views

CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score0.0086EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:12 a.m.8 views

CVE-2026-11564

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

6AI score0.0061EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:12 a.m.7 views

CVE-2026-11352

An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...

6.7AI score0.0101EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:11 a.m.8 views

CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

6AI score0.00891EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 5:52 a.m.9 views

CVE-2026-4967

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS6.2AI score0.00403EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.11 views

CVE-2026-9180

The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...

5.3CVSS5.7AI score0.00342EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.10 views

CVE-2026-9626

The JSON API User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'content' parameter of the postcomment API endpoint in versions up to, and including, 4.1.0 This is due to insufficient input sanitization in the postcomment function, which passes the attacker-controlled...

6.4CVSS5.9AI score0.00228EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.9 views

CVE-2026-8892

The CM Business Directory – Optimise and showcase local business plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Business Address Meta Fields in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.00212EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.10 views

CVE-2026-11397

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS5.9AI score0.00235EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.11 views

CVE-2026-9725

The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2 This is due to insufficient path validation in the storedesigndata function, which constructs a filesystem path from the user-supplied...

9.1CVSS6.5AI score0.00742EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.10 views

CVE-2026-13040

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'realval' parameter in all versions up to, and including, 9.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS5.9AI score0.00304EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.11 views

CVE-2026-12557

The Ninja Forms - File Uploads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.3.29. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to read all...

5.3CVSS5.8AI score0.00223EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.8 views

CVE-2026-14352

The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

7.5CVSS5.9AI score0.00473EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/03 4:30 a.m.11 views

CVE-2026-8489

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'aboutme' parameter in all versions up to, and including, 2.11.4 due to insufficient input sanitization and...

6.4CVSS5.9AI score0.00241EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:1 a.m.9 views

CVE-2022-4989

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...

8.5CVSS5.8AI score0.00103EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:0 a.m.7 views

CVE-2022-4990

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...

7.3CVSS5.8AI score0.00096EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:0 a.m.8 views

CVE-2026-8921

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...

8.5CVSS6.2AI score0.00124EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:0 a.m.8 views

CVE-2026-12960

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS5.8AI score0.00116EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 1:28 a.m.12 views

CVE-2026-14327

The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

7.5CVSS5.9AI score0.00459EPSS
Exploits0References7
Total number of security vulnerabilities75017