Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
added 16 hours ago8 views

Lyrion Music Server <= 9.2.0 - Cross-Site Scripting

Lyrion Music Server 9.2.0 contains a reflected XSS caused by improper sanitization of the search parameter in the server.log endpoint, letting unauthenticated attackers execute arbitrary script in users' browsers. id: CVE-2026-50230 info: name: Lyrion Music Server = 9.2.0 - Cross-Site Scripting...

6.1CVSS6.1AI score0.00324EPSS
Exploits2References3
Nuclei
Nuclei
added 16 hours ago8 views

Python Flask-Security-Too <=5.3.2 - Open Redirect

An open redirect vulnerability exists in the python package Flask-Security-Too prior to version 5.3.3. Attackers can abuse the 'next' parameter on the /login and /register routes to redirect unsuspecting users to malicious sites via crafted URLs, which could lead to phishing or other attacks NVD...

6.1CVSS6.3AI score0.01079EPSS
Exploits1References4
Nuclei
Nuclei
added 16 hours ago8 views

Unlimited Elements for Elementor <= 1.5.93 - Cross Site Scripting

Unlimited Elements For Elementor Free Widgets, Addons, Templates versions up to 1.5.93 contain a reflected cross-site scripting caused by improper neutralization of input during web page generation, letting attackers execute malicious scripts in the victim's browser, exploit requires attacker to...

7.1CVSS7.1AI score0.0074EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

Sunshine Photo Cart <= 3.1.1 - Reflected Cross-Site Scripting

WP Sunshine Sunshine Photo Cart versions up to 3.1.1 contain a cross-site scripting caused by improper neutralization of input during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft malicious input. id: CVE-2024-30194 info:...

7.1CVSS7.1AI score0.00727EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion

The News & Blog Designer Pack WordPress plugin up to version 3.4.1 contains a remote code execution caused by local file inclusion in the bdpgetmorepost function, letting unauthenticated attackers include arbitrary PHP files, exploit requires AJAX request with crafted POST data. id: CVE-2023-5815...

9.8CVSS7.9AI score0.04262EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

ionCube Tester Plus <= 1.3 - Local File Inclusion

The ionCube Tester Plus plugin for WordPress versions = 1.3 is vulnerable to unauthenticated arbitrary file read via path traversal. The 'ininame' parameter in loader-wizard.php is not properly sanitized, allowing attackers to read sensitive files such as wp-config.php and /etc/passwd without...

7.5CVSS6AI score0.01609EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago8 views

LatePoint <= 5.0.11 - SQL Injection

The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

9.8CVSS6AI score0.02823EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

A5 Custom Login Page - Reflected XSS

A5 Custom Login Page WordPress plugin v2.8.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires a crafted URL or...

6.1CVSS7.1AI score0.00577EPSS
Exploits1References1
Nuclei
Nuclei
added 16 hours ago8 views

LifterLMS < 8.0.1 - Cross-Site Scripting

LifterLMS WordPress plugin before 8.0.1 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin via a crafted request. id: CVE-2024-13619 info: name: LifterLMS 8.0.1 - Cross-Site Scripting author:...

6.1CVSS6AI score0.00521EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago8 views

Privacy Policy Genius - Cross-Site Scripting

Privacy Policy Genius WordPress plugin v2.0.4 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13219...

6.1CVSS7.1AI score0.00565EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago8 views

Astro SSR - Open Redirect

Astro 5.2.0 through 5.12.7 contains an open redirect caused by improper handling of paths with double slashes in trailing slash redirection logic, letting attackers redirect users to arbitrary external domains, exploit requires on-demand SSR with Node or Cloudflare adapters. id: CVE-2025-54793...

6.9CVSS6AI score0.00572EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

Heimdall Application Dashboard < 2.7.3 - Reflected XSS

LinuxServer.io Heimdall 2.7.3 contains a stored XSS caused by improper sanitization of the "q" parameter, letting remote attackers execute scripts, exploit requires crafted input. id: CVE-2025-54597 info: name: Heimdall Application Dashboard 2.7.3 - Reflected XSS author: 0xAkoko severity: medium...

7.2CVSS6AI score0.00565EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

Pinger 1.0 - Remote Code Execution

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters. id:...

9.8CVSS6.7AI score0.03135EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago8 views

VvvebJs <= 2.0.5 - Cross-Site Scripting

Givanz Vvvebjs = 2.0.5 contains a stored XSS caused by manipulation of the "uploadAllowExtensions" argument in upload.php File Upload Endpoint, letting remote attackers execute scripts, exploit requires crafted input. id: CVE-2026-5615 info: name: VvvebJs = 2.0.5 - Cross-Site Scripting author:...

5.3CVSS5.9AI score0.00773EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago8 views

Vite dev server - Cross-Site Scripting

Vite's dev server, when used with appType: 'custom' and manually invoking server.transformIndexHtml using the unmodified request URL, is vulnerable to XSS via a crafted URL payload. If the HTML being served includes an inline module script ..., an attacker can inject a script via the URL,...

6.1CVSS6.8AI score0.00997EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago8 views

Stirling-PDF < 1.1.0 - Server-Side Request Forgery

Stirling-PDF 1.1.0 contains a server side request forgery caused by bypassing the sanitizer in the /api/v1/convert/html/pdf endpoint when processing HTML to PDF conversion, letting attackers perform SSRF, exploit requires local access. id: CVE-2025-55150 info: name: Stirling-PDF 1.1.0 - Server-Si...

9.8CVSS6AI score0.01587EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago8 views

Blesta <= 5.13.1 - Cross-Site Scripting

Blesta 3.x through 5.x before 5.13.3 contains an input validation vulnerability caused by mishandling input, letting attackers potentially exploit the system, exploit requires unspecified conditions. id: CVE-2026-25616 info: name: Blesta = 5.13.1 - Cross-Site Scripting author: 0xAkoko severity:...

6.1CVSS5.9AI score0.00383EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago8 views

SureForms <= 1.13.1 - Sensitive Information Exposure

SureForms WordPress plugin = 1.13.1 contains a sensitive information exposure caused by setting 'authcallback' to 'returntrue' in 'srfmemailnotification' post meta registration, letting unauthenticated attackers access sensitive email notification data, exploit requires no authentication. id:...

7.5CVSS5.9AI score0.01986EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago8 views

DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting

DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...

6.5CVSS6.2AI score0.01272EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago8 views

LobeHub LobeChat <= 2.1.56 - Server-Side Request Forgery

LobeHub LobeChat versions up to and including 2.1.56 are vulnerable to an unauthenticated server-side request forgery vulnerability in the /webapi/proxy endpoint. The endpoint accepts a URL in the POST request body and fetches it server-side without authentication. id: CVE-2026-54157 info: name:...

9CVSS5.9AI score0.0178EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago8 views

MajorDoMo - Unauthenticated RCE

MajorDoMo contains a remote code execution caused by an include order bug and lack of exit after redirect in admin panel's PHP console, letting unauthenticated attackers execute arbitrary PHP code via crafted GET requests. id: CVE-2026-27174 info: name: MajorDoMo - Unauthenticated RCE author:...

9.8CVSS6.9AI score0.06996EPSS
Exploits4References4
Nuclei
Nuclei
added 16 hours ago8 views

Oliver 5 Library Server <8.00.008.053 - Local File Inclusion

Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local file inclusion via the FileServlet function. id: CVE-2021-45027 info: name: Oliver 5 Library Server 8.00.008.053 - Local File Inclusion author: gy741 severity: high description: Oliver 5 Library Server versions prior t...

7.5CVSS7AI score0.01642EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago8 views

CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component. id: CVE-2024-31839 info: name: CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting author: riteshs4hu severity:...

4.8CVSS6.9AI score0.08104EPSS
Exploits6References2
Nuclei
Nuclei
added yesterday8 views

WhatsUp Gold GetStatisticalMonitorList SQL Injection - Authentication Bypass

In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. id: CVE-2024-6671 info: name: WhatsUp Gold GetStatisticalMonitorList SQL Injectio...

9.8CVSS7.5AI score0.14886EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/07/01 3:36 a.m.8 views

WordPress Realtyna Organic IDX Plugin <= 4.14.4 - SQL Injection

The Realtyna Organic IDX plugin plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 4.14.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

9.3CVSS5.8AI score0.0172EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/04/03 7:34 a.m.8 views

ChanCMS <= 3.1. - Remote Code Execution

yanyutao0402 ChanCMS = 3.1.2 contains an insecure deserialization caused by manipulation of the "targetUrl" argument in getArticle function of app/modules/cms/controller/collect.js, letting remote attackers execute arbitrary code, exploit requires crafted input. id: CVE-2025-8266 info: name:...

6.5CVSS6.9AI score0.00971EPSS
Exploits1References4
Nuclei
Nuclei
added 2026/03/06 11:22 p.m.8 views

Course Booking System <= 6.0.6 - SQL Injection

The Course Booking System plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 6.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

9.3CVSS5.8AI score0.02847EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/12 5:7 a.m.8 views

Studiocart <= 2.9.0 - Cross-Site Scripting

The Studiocart plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if the...

7.1CVSS5.8AI score0.00368EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/12 12:4 a.m.8 views

WP Recipe Maker <= 9.1.0 - Reflected XSS via Referer Header

The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. The Referer header value is used directly in the href attribute of the "Back"...

6.1CVSS5.5AI score0.00679EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/02/11 4:55 p.m.8 views

PropertyHive < 2.1.1 - Cross-Site Scripting

The Property Hive plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'phmessage' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.8AI score0.00599EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/09 9:43 a.m.8 views

WordPress File Manager < 3.0 - Cross-Site Scripting

WordPress File Manager plugin before 3.0 is vulnerable to authenticated reflected cross-site scripting XSS via the lang parameter in the admin dashboard. The parameter is directly echoed into a JavaScript context without proper sanitization. id: CVE-2018-16363 info: name: WordPress File Manager 3...

5.4CVSS5.1AI score0.0139EPSS
Exploits2References4
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Dify - User Enumeration via "Account not found" Message

A user enumeration vulnerability exists in langgenius/dify, where the login API leaks information about whether a user account exists or not. When an invalid/non-existent email is used during login, the API returns a distinct error message such as "accountnotfound" or "Account not found.", allowi...

5.3CVSS4.5AI score0.00722EPSS
Exploits1References4
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

XWiki – Stored Cross-Site Scripting (XSS)

XWiki through version 17.3.0 contains stored cross-site scripting caused by improper sanitization of inputs in the Administration interface's Presentation section, letting authenticated administrators inject JavaScript that executes in visitors' browsers, exploit requires administrator...

4.8CVSS6AI score0.00464EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

WeiPHP 5.0 - Path Traversal

WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index.php/material/Material/downloadimgage, letting unauthenticated remote attackers read arbitrary files. id: CVE-2025-34045 info: name: WeiPHP 5.0 - Path Traversal author: pikpikcu...

8.7CVSS6.9AI score0.04311EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

XWiki REST API - Attachments Disclosure

A vulnerability in XWiki's REST API allows unauthenticated users to access attachments list and metadata through the attachments endpoint. This could lead to disclosure of sensitive information stored in attachments metadata. id: CVE-2025-46554 info: name: XWiki REST API - Attachments Disclosure...

5.3CVSS6.1AI score0.00986EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Adobe Experience Manager Forms - Insecure Deserialization

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...

9.8CVSS6.1AI score0.44894EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

SmarterTools SmarterMail - Admin Password Reset

Detected a SmartMail admin password reset vulnerability by sending a POST request to the /api/v1/auth/force-reset-password endpoint, indicating that administrative password resets could potentially be triggered without proper authorization. id: CVE-2026-23760 info: name: SmarterTools SmarterMail ...

9.8CVSS7.7AI score0.96268EPSS
Exploits3References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` Parameter

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike othe...

9.4CVSS7.5AI score0.60875EPSS
Exploits5References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

XWiki XML View - Sensitive Information Exposure

A vulnerability in XWiki's XML view functionality exposes sensitive information such as passwords and email addresses that are stored in custom fields not explicitly named as password or email. This information disclosure occurs when accessing user profiles with the xml.vm template. id:...

8.7CVSS6.2AI score0.01285EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago7 views

EventON Lite <= 2.4 - Authenticated Local File Inclusion

Ashan Perera EventON contains a PHP remote file inclusion caused by improper control of filename in include/require statements, letting attackers include local files, exploit requires attacker to control include filename. id: CVE-2025-32614 info: name: EventON Lite = 2.4 - Authenticated Local Fil...

8.8CVSS7.2AI score0.01833EPSS
Exploits0References1
Nuclei
Nuclei
added 16 hours ago7 views

SiYuan <= v3.5.9 - Cross Site Scripting

SiYuan v3.5.10 contains a reflected XSS caused by improper sanitization of javascript: href attributes allowing ASCII control characters to bypass prefix checks in SVG sanitizer, letting unauthenticated attackers execute JavaScript via /api/icon/getDynamicIcon. id: CVE-2026-31809 info: name: SiYu...

6.4CVSS7.2AI score0.00505EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago7 views

WordPress Campress Theme <= 1.35 - Unauthenticated Local File Inclusion

Campress theme for WordPress up to 1.35 contains a local file inclusion caused by 'campresswoocommercegetajaxproducts' function, letting unauthenticated attackers include and execute arbitrary PHP files, exploit requires no authentication. id: CVE-2024-10763 info: name: WordPress Campress Theme =...

9.8CVSS7.5AI score0.03529EPSS
Exploits0References1
Nuclei
Nuclei
added 16 hours ago7 views

Letta Letta 0.7.12 - Remote Code Execution

Letta 0.7.12 is vulnerable to remote code execution via POST /v1/tools/run in letta.server.restapi.routers.v1.tools.runtoolfromsource, allowing attackers to execute arbitrary Python and OS commands via crafted tool source code. id: CVE-2025-51482 info: name: Letta Letta 0.7.12 - Remote Code...

8.8CVSS6.8AI score0.01862EPSS
Exploits1References4
Nuclei
Nuclei
added 16 hours ago7 views

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

7.1CVSS6.1AI score0.0063EPSS
Exploits0References4
Nuclei
Nuclei
added 16 hours ago7 views

WordPress Competition Form Plugin <= 2.0 - Cross-Site Scripting

Competition Form WordPress plugin = 2.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires victim to visit a...

7.1CVSS7.1AI score0.00566EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago7 views

WordPress Stray Random Quotes <= 1.9.9 - Cross-Site Scripting

Stray Random Quotes WordPress plugin = 1.9.9 contains a reflected cross-site scripting caused by a lack of sanitization and escaping of a parameter before output, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL...

6.1CVSS7.1AI score0.00564EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago7 views

LatePoint <= 5.0.12 - Authentication Bypass

LatePoint plugin for WordPress versions up to 5.0.12 contains an authentication bypass caused by insufficient verification of user during booking, letting unauthenticated attackers log in as any existing user if they have user ID access, exploit requires access to user ID, and the 'Use WordPress...

9.8CVSS5.9AI score0.02994EPSS
Exploits0References3
Nuclei
Nuclei
added 16 hours ago7 views

WordPress 1 Click Migration Plugin < 2.3 - Information Exposure

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data includi...

5.9CVSS6.8AI score0.01575EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago7 views

Frontend Post Submission Manager Lite <= 1.2.7 - Open Redirect

The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requestedpage' POST parameter in the verifyusernamepassword function. This makes it possible for unauthenticated...

6.1CVSS6AI score0.0046EPSS
Exploits0References2
Nuclei
Nuclei
added 16 hours ago7 views

Cost Calculator Builder <= 3.2.15 - SQL Injection

The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via discount codes in versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

9.8CVSS6AI score0.02002EPSS
Exploits0References3
Total number of security vulnerabilities4139