Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
•added 2 hours ago•10 views

AffiliateImporterEb <= 1.0.6 - Reflected XSS

AffiliateImporterEb WordPress plugin through 1.0.6 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires crafted request. id: CVE-2024-12732 info: name: AffiliateImporterEb =...

6.1CVSS6AI score0.00521EPSS
Exploits1References1
Nuclei
Nuclei
•added 2 hours ago•10 views

Social Auto Poster <= 5.3.14 - Stored Cross-Site Scripting

Social Auto Poster plugin for WordPress versions up to 5.3.14 contains a stored cross-site scripting caused by insufficient sanitization and escaping of 'mapTypes' parameter in the 'wpwautopostermapwordpressposttype' AJAX function, letting unauthenticated attackers inject and execute arbitrary...

7.2CVSS6AI score0.00829EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•10 views

EKC Tournament Manager WordPress plugin - Path Traversal

EKC Tournament Manager WordPress plugin 2.2.2 contains a path traversal caused by insufficient validation, letting logged in admin users download system files outside the WordPress directory. id: CVE-2024-9765 info: name: EKC Tournament Manager WordPress plugin - Path Traversal author: Sourabh-Sa...

6.5CVSS5.9AI score0.01414EPSS
Exploits1References1
Nuclei
Nuclei
•added 2 hours ago•10 views

SonicWall GMS and Analytics - SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics:...

7.5CVSS7.3AI score0.77027EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 hours ago•10 views

LG LED Assistant - Unauthenticated Password Reset

The /api/changePw endpoint in LG LED Assistant allows unauthenticated password resets when requests are considered to come from localhost. An attacker can spoof the X-Forwarded-For header with value 127.0.0.1 to trigger the behavior and receive a success response. id: CVE-2024-2862 info: name: LG...

9.8CVSS6AI score0.51001EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•10 views

SquirrelMail Address Add 1.4.2 - Cross-Site Scripting

SquirrelMail Address Add 1.4.2 plugin contains a cross-site scripting vulnerability. It fails to properly sanitize user-supplied input, thus allowing an attacker to execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

4.3CVSS6AI score0.03436EPSS
Exploits2References2
Nuclei
Nuclei
•added yesterday•10 views

Apache Kafka Client - Arbitrary File Read

Apache Kafka Client contains arbitrary file read and server-side request forgery caused by untrusted configuration of sasl.oauthbearer.token.endpoint.url and sasl.oauthbearer.jwks.endpoint.url, letting attackers read files or send requests to unintended locations, exploit requires untrusted party...

7.5CVSS7.2AI score0.62368EPSS
Exploits2References2
Nuclei
Nuclei
•added 3 days ago•10 views

Apache HugeGraph-Server <1.5.0 - Authentication Bypass

Apache HugeGraph-Server versions prior to 1.5.0 contain an authentication bypass vulnerability caused by assumed-immutable data. This flaw allows attackers to bypass authentication mechanisms without requiring specific privileges or user interaction. id: CVE-2024-43441 info: name: Apache...

9.8CVSS7.4AI score0.69651EPSS
Exploits0References5
Nuclei
Nuclei
•added 2026/07/02 9:36 a.m.•10 views

IBM Planning Analytics - Authentication Bypass & Remote Code Execution Version Detection

IBM Planning Analytics versions 2.0.0 through 2.0.8 are vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. id: CVE-2019-4716 info: name: IBM Planning Analytics - Authentication Bypass & Remote...

10CVSS7.4AI score0.86441EPSS
Exploits6References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•10 views

Hitachi Pentaho Business Analytics Server - Bypass Authorization

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. id: CVE-2022-43939 info: name: Hitachi Pentaho Business Analytics Server - Bypass Authorization author: daffainf...

9.8CVSS8.1AI score0.9767EPSS
Exploits7References3
Nuclei
Nuclei
•added 2026/04/03 7:34 a.m.•10 views

Rocket TRUfusion Enterprise - Server Side Request Forgery

Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource. id: CVE-2025-32355 info: name: Rocket TRUfusi...

7.9CVSS7.4AI score0.01249EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/03/30 4:20 a.m.•10 views

Mailpit < 1.28.2 - SMTP CRLF Injection

Mailpit 1.28 contains a header injection caused by insufficient regex validation of RCPT TO and MAIL FROM addresses in the SMTP server, letting attackers inject arbitrary SMTP headers, exploit requires crafted email addresses id: CVE-2026-23829 info: name: Mailpit 1.28.2 - SMTP CRLF Injection...

5.3CVSS5.9AI score0.01441EPSS
Exploits4References2
Nuclei
Nuclei
•added 2026/02/12 11:17 a.m.•10 views

12 Step Meeting List < 3.16.6 - Unauthenticated Sensitive Information Exposure

The 12 Step Meeting List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.16.5.This makes it possible for unauthenticated attackers to extract sensitive user or configuration data via two AJAX endpoints: tsmlinfo and tsmlgeocodes. id:...

5.3CVSS5.5AI score0.00933EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/02/12 8:3 a.m.•10 views

WordPress Download Manager <= 3.2.59 - Reflected XSS

W3 Eden, Inc. Download Manager plugin = 3.2.59 contains a reflected cross-site scripting caused by insufficient input sanitization, letting attackers execute scripts in the context of the victim's browser, exploit requires attacker to craft a malicious link. id: CVE-2022-45836 info: name: WordPre...

7.1CVSS5.2AI score0.00685EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/02/12 5:7 a.m.•10 views

Plugin Oficial – Getnet para WooCommerce <= 1.8.0 - Cross-Site Scripting

The Plugin Oficial – Getnet para WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on the 'page' parameter. This makes it possible for unauthenticated attackers to...

6.1CVSS5.8AI score0.00525EPSS
Exploits1References1
Nuclei
Nuclei
•added 2026/02/07 12:3 a.m.•10 views

WordPress List Site Contributors < 1.1.8 - Reflected XSS

WordPress List Site Contributors plugin 1.1.8 contains a reflected XSS caused by insufficient sanitization and escaping of the 'alpha' parameter, letting unauthenticated attackers inject scripts, exploit requires user interaction. id: CVE-2026-0594 info: name: WordPress List Site Contributors 1.1...

6.1CVSS5.2AI score0.00693EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/02/06 11:12 a.m.•10 views

WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columnssearch' parameter of the select2ajax function in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

7.5CVSS5.7AI score0.01422EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

CMP WordPress < 4.0.19 - Broken Access Control

CMP WordPress plugin 4.0.19 contains an arbitrary page layout change caused by insufficient access control in the coming soon page feature, letting unauthenticated users modify the layout, exploit requires no authentication. id: CVE-2022-0188 info: name: CMP WordPress 4.0.19 - Broken Access Contr...

5.3CVSS5.6AI score0.02315EPSS
Exploits2References1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

Eveo URVE Web Manager - Server-Side Request Forgery

Eveo URVE Web Manager 27.02.2025 contains a server-side request forgery caused by improper validation of URL input in /internal/redirect.php, letting attackers make requests to internal endpoints, exploit requires crafted URL input. id: CVE-2025-36845 info: name: Eveo URVE Web Manager - Server-Si...

8.6CVSS5.4AI score0.0158EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

WPS Hide Login <= 1.5.2.2 - Login Page Bypass

WPS-Hide-Login plugin before 1.5.3 for WordPress contains an action=confirmaction protection bypass, letting attackers bypass security checks, exploit requires sending crafted requests. id: CVE-2019-15823 info: name: WPS Hide Login = 1.5.2.2 - Login Page Bypass author: pussycat0x severity: high...

9.8CVSS6.9AI score0.08584EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

Memos 0.13.2 - Cross-Site Scripting & SSRF

An SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current server request, causing a reflected XSS vulnerability. id: CVE-2024-29029...

6.1CVSS5.9AI score0.0108EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

Parse Server - GraphQL Schema Information Disclosure

The Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection reveals only metadata and not actual data, this metadata can still expand the potential attack surface. id: CVE-2025-53364 info: name...

5.3CVSS6.5AI score0.00814EPSS
Exploits0References3
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

Atarim < 4.2.2 - Sensitive Information Exposure

Vito Peleg Atarim = 4.2 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve embedded sensitive data remotely, exploit requires no special privileges. id: CVE-2025-60188 info: name: Atarim...

7.5CVSS5.2AI score0.02882EPSS
Exploits2References1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

XWiki REST API - Private Pages Disclosure

A vulnerability in XWiki's REST API allows unauthenticated users to access information about private pages through the pages endpoint. This could lead to disclosure of sensitive information and page metadata. id: CVE-2025-29925 info: name: XWiki REST API - Private Pages Disclosure author:...

8.7CVSS6.2AI score0.00906EPSS
Exploits1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

N-central - XML External Entities Injection

N-central versions %xxe; rand http: - raw: - | POST /dms/services/ServerUI HTTP/2 Host: Hostname Content-Type: text/xml Soapaction: ""...

8.4CVSS7.1AI score0.31631EPSS
Exploits2References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•10 views

XWiki WYSIWYG API - Open Redirect

A vulnerability in XWiki's WYSIWYG API allows an attacker to redirect users to arbitrary external URLs through the xerror parameter. This could be used in phishing attacks to redirect users to malicious websites. id: CVE-2025-32970 info: name: XWiki WYSIWYG API - Open Redirect author: ritikchaddh...

6.1CVSS6.6AI score0.00539EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 hours ago•9 views

Astro SSR - Open Redirect

Astro 5.2.0 through 5.12.7 contains an open redirect caused by improper handling of paths with double slashes in trailing slash redirection logic, letting attackers redirect users to arbitrary external domains, exploit requires on-demand SSR with Node or Cloudflare adapters. id: CVE-2025-54793...

6.9CVSS6AI score0.00614EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•9 views

WordPress Madara Theme < 2.2.2.1 - Local File Inclusion

Madara WordPress theme = 2.2.2 contains a local file inclusion vulnerability caused by improper sanitization of the 'template' parameter, letting unauthenticated attackers execute arbitrary files on the server, exploit requires crafted request. id: CVE-2025-4524 info: name: WordPress Madara Theme...

9.8CVSS7.4AI score0.09094EPSS
Exploits5References4
Nuclei
Nuclei
•added 2 hours ago•9 views

Lodash Template - Server-Side Template Injection (RCE)

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. id: CVE-2021-23337 info: name: Lodash Template - Server-Side Template Injection RCE author: DhiyaneshDk severity: high description: | Lodash versions prior to 4.17.21 are vulnerable to Command Injectio...

7.2CVSS6.9AI score0.2241EPSS
Exploits2References4
Nuclei
Nuclei
•added 2 hours ago•9 views

Service Finder Bookings - Authentication Bypass

Service Finder Bookings WordPress plugin = 6.0 contains a privilege escalation caused by improper validation of user cookie in servicefinderswitchback function, letting unauthenticated attackers login as any user including admins. id: CVE-2025-5947 info: name: Service Finder Bookings -...

9.8CVSS7.4AI score0.04469EPSS
Exploits2References4
Nuclei
Nuclei
•added 2 hours ago•9 views

Bonita Web 2021.2 - Authentication/Authorization Bypass

Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL. id:...

9.8CVSS7.2AI score0.56222EPSS
Exploits1References3
Nuclei
Nuclei
•added 2 hours ago•9 views

Nortek Linear eMerge E3-Series - SQL Injection

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter. id: CVE-2022-38627 info: name: Nortek Linear eMerge E3-Series - SQL Injection author: daffainfo,omarhashem666...

9.8CVSS7.2AI score0.0427EPSS
Exploits2References3
Nuclei
Nuclei
•added 2 hours ago•9 views

Rclone RC - Broken Access Control

Rclone = 1.45.0 and = 1.45.0 and 1.73.5 contains a broken access control vulnerability caused by unauthenticated access to the RC endpoint options/set allowing mutation of global runtime configuration, letting unauthenticated attackers access sensitive administrative functions, exploit requires R...

9.8CVSS5.9AI score0.34734EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 hours ago•9 views

Karel IP Phone IP1211 Web Management Panel - Local File Inclusion

Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...

8.5CVSS6.1AI score0.01409EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•9 views

WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated Options Import and Export

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. id: CVE-2019-17232 info: name: WordPress Ultimate FAQs = 1.8.24 – Unauthenticated Options Import and Export author: daffainfo severity: high description: |...

7.5CVSS7.3AI score0.03518EPSS
Exploits1References4
Nuclei
Nuclei
•added 2 hours ago•9 views

SiYuan <= 3.6.5 - Unauthenticated Path Traversal

SiYuan = 3.6.5 contains a path traversal via double URL-encoding in the /assets/ route publish mode port 6808, allowing unauthenticated attackers to read arbitrary files inside WorkspaceDir including conf/conf.json which exposes the API token and access auth code. id: CVE-2026-54066 info: name:...

7.5CVSS6AI score0.01892EPSS
Exploits0References1
Nuclei
Nuclei
•added 2 hours ago•9 views

LearnPress < 4.3.7 - Information Disclosure

LearnPress WordPress plugin 4.3.7 contains an information disclosure vulnerability caused by missing capability checks on a REST endpoint, letting unauthenticated visitors retrieve sensitive user role and capability data via crafted requests. id: CVE-2026-8383 info: name: LearnPress 4.3.7 -...

5.3CVSS5.9AI score0.00424EPSS
Exploits0References2
Nuclei
Nuclei
•added 2 hours ago•9 views

UniFi Network Application - Path Traversal

UniFi Network Application contains a path traversal vulnerability allowing a network attacker to access and manipulate files on the underlying system, potentially leading to account access, exploit requires network access. id: CVE-2026-22557 info: name: UniFi Network Application - Path Traversal...

10CVSS7.4AI score0.15601EPSS
Exploits3References4
Nuclei
Nuclei
•added 2 hours ago•9 views

Lyrion Music Server <= 9.2.0 - Cross-Site Scripting

Lyrion Music Server 9.2.0 contains a reflected XSS caused by improper sanitization of the search parameter in the server.log endpoint, letting unauthenticated attackers execute arbitrary script in users' browsers. id: CVE-2026-50230 info: name: Lyrion Music Server = 9.2.0 - Cross-Site Scripting...

6.1CVSS6.1AI score0.00324EPSS
Exploits2References3
Nuclei
Nuclei
•added 2 hours ago•9 views

W3 Total Cache < 2.8.2 - Log File Exposure

The plugin is vulnerable to Information Exposure through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For example, the log file may contain nonce values that can be used in further CSRF...

7.5CVSS7.1AI score0.02169EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•9 views

Custom Field Manager WordPress - Cross-Site Scripting

Custom Field Manager WordPress plugin through 1.0 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires crafted request. id: CVE-2024-12873 info: name: Custom Field Manager...

6.1CVSS7.2AI score0.0053EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 hours ago•9 views

Unlimited Elements for Elementor <= 1.5.93 - Cross Site Scripting

Unlimited Elements For Elementor Free Widgets, Addons, Templates versions up to 1.5.93 contain a reflected cross-site scripting caused by improper neutralization of input during web page generation, letting attackers execute malicious scripts in the victim's browser, exploit requires attacker to...

7.1CVSS7.1AI score0.0074EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•9 views

Blinko < 1.8.4 - Path Traversal

Blinko 1.8.4 contains a path traversal vulnerability caused by lack of permission checks and filtering on the temp/ path in the file server endpoint, letting unauthorized attackers read arbitrary files including backup files with user notes and tokens, exploit requires no special privileges. id:...

8.2CVSS6AI score0.01523EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 hours ago•9 views

LogDash Activity Log <= 1.1.3 - SQL Injection

The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.4CVSS6AI score0.00748EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 hours ago•9 views

Simple Certain Time to Show Content - Cross-Site Scripting

Simple Certain Time to Show Content WordPress plugin 1.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute arbitrary scripts in the context of high privilege users such as admin, explo...

7.1CVSS7.2AI score0.00605EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 hours ago•9 views

phpVMS < 7.0.6 - Legacy Importer Authorization Bypass

phpVMS 7.0.6 contains an authentication bypass caused by unauthenticated access to a legacy import feature, letting unauthenticated attackers access restricted functionality, exploit requires no special privileges. id: CVE-2026-42569 info: name: phpVMS 7.0.6 - Legacy Importer Authorization Bypass...

9.4CVSS5.9AI score0.01173EPSS
Exploits1References3
Nuclei
Nuclei
•added 2 hours ago•9 views

N-able N-central < 2024.2 - Authentication Bypass Detection

N-central server versions prior to 2024.2 contain an authentication bypass in the user interface, letting attackers access restricted areas without proper credentials, exploit requires no specific conditions. id: CVE-2024-28200 info: name: N-able N-central 2024.2 - Authentication Bypass Detection...

9.8CVSS5.9AI score0.01946EPSS
Exploits0References4
Nuclei
Nuclei
•added 2 hours ago•9 views

WordPress BackWPup < 4.0.4 - Backup File Disclosure

BackWPup WordPress plugin 4.0.4 contains a directory listing vulnerability caused by lack of access restrictions in its temporary backup folder, letting unauthenticated attackers download site backups, exploit requires no authentication. id: CVE-2023-7164 info: name: WordPress BackWPup 4.0.4 -...

7.5CVSS5.8AI score0.02261EPSS
Exploits2References3
Nuclei
Nuclei
•added 2026/07/02 9:36 a.m.•9 views

Progress ADC LoadMaster - Command Injection

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints id: CVE-2026-8037 info: name: Progress ADC LoadMaste...

9.6CVSS7.9AI score0.29641EPSS
Exploits2References2
Nuclei
Nuclei
•added 2026/04/23 7:16 a.m.•9 views

AI ChatBot with ChatGPT by AYS <= 2.6.6 - Unauthenticated API Key Exposure

AYS AI ChatBot with ChatGPT and Content Generator = 2.6.6 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted input. id: CVE-2025-62039 info:...

7.5CVSS5.8AI score0.01273EPSS
Exploits0References1
Total number of security vulnerabilities4139