Lucene search
+L
NucleiRecent

4146 matches found

nuclei
nuclei
added 13 hours ago48 views

Event Monster <= 1.4.3 - Information Exposure Via Visitors List Export

The Event Monster Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.3 via the Visitors List Export file. During the export, a CSV file is created in the wp-content folder with a hardcoded filename...

5.3CVSS6.5AI score0.01942EPSS
Exploits2References5
nuclei
nuclei
added 13 hours ago17 views

phpMyFAQ < 3.1.8 - Cross-Site Scripting

phpMyFAQ versions prior to 3.1.8 contain a reflected cross-site scripting vulnerability in the search functionality. The application fails to properly sanitize user input in the search parameter, allowing attackers to inject and execute malicious JavaScript code in the context of other users'...

7.3CVSS6.8AI score0.05743EPSS
Exploits3References3
nuclei
nuclei
added 13 hours ago88 views

Mitel MiCollab - Arbitary File Read

The Mitel Collab Arbitrary File Read vulnerability allows an unauthenticated attacker to read arbitrary files from the underlying file system on a Mitel Collab server. Exploiting this flaw involves sending specially crafted requests to the server, bypassing access controls and allowing the attack...

9.8CVSS6.8AI score0.98067EPSS
Exploits3References3
nuclei
nuclei
added 13 hours ago80 views

LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi

SQL Injection vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions. id: CVE-2022-45808 info: name: LearnPress Plugin 4.2.0 - Unauthenticated Time-Based Blind SQLi author: DhiyaneshDK severity: critical description: | SQL Injection vulnerability in LearnPress – WordPress LMS...

9.9CVSS7AI score0.04269EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago80 views

AVM FRITZ!Box 7530 AX - Unauthorized Access

An access control issue in the component /juisboxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. id: CVE-2024-54767 info: name: AVM FRITZ!Box 7530 AX - Unauthorized Access author: DhiyaneshDK severity: high description: | An access...

7.5CVSS6AI score0.01787EPSS
Exploits0References1
nuclei
nuclei
added 13 hours ago19 views

WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting

The Product Addons & Fields for WooCommerce WordPress plugin before version 32.0.7 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape some URL parameters in the admin panel, which could allow attackers to execute arbitrary JavaScript code in ...

6.1CVSS7AI score0.00952EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago43 views

WordPress Themify Builder < 7.5.8 - Open Redirect

The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...

6.1CVSS6.1AI score0.00823EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago35 views

WordPress WPB Show Core <= 2.2 - Server-Side Request Forgery

The WPB Show Core WordPress plugin through version 2.2 is vulnerable to Server-Side Request Forgery SSRF via the 'path' parameter in the download-file.php script. This vulnerability allows unauthenticated attackers to make the server perform requests to arbitrary URLs. id: CVE-2023-5974 info: nam...

9.8CVSS7.1AI score0.0315EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago78 views

FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload

FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and...

9.8CVSS7.3AI score0.50789EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago17 views

Journyx 11.5.4 - Reflected Cross Site Scripting

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application. id: CVE-2024-6892 info: name: Journyx 11.5.4 - Reflected Cross Site Scripting author: DhiyaneshDk severity: medium description: | Attackers can craft a malicious...

6.1CVSS6.6AI score0.00713EPSS
Exploits2References3
nuclei
nuclei
added 13 hours ago89 views

WordPress SEO Tools Plugin 4.0.7 - Cross-Site Scripting

The SEO Tools WordPress plugin through version 4.0.7 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'src' parameter in the rssread.php file before outputting it back in the page, which could allow attackers to execute arbitrary...

6.1CVSS7.2AI score0.00594EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago58 views

Download Manager < 3.3.04 - Unauthenticated Arbitrary Shortcode Execution

The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS7.3AI score0.01888EPSS
Exploits0References4
nuclei
nuclei
added 13 hours ago13 views

WordPress Post Timeline Plugin < 2.2.6 - Cross-Site Scripting

The Post Timeline WordPress plugin before version 2.2.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape an invalid nonce before outputting it back in an AJAX response, which could allow attackers to execute arbitrary JavaScript code in an...

6.1CVSS7AI score0.00709EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago114 views

HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the wooftextsearch AJAX action. This makes it possible for unauthenticated attackers to include and...

9.8CVSS7.4AI score0.54756EPSS
Exploits2References5
nuclei
nuclei
added 13 hours ago17 views

WordPress WPMovieLibrary Plugin <= 2.1.4.8 - Cross-Site Scripting

The WPMovieLibrary WordPress plugin through version 2.1.4.8 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'order' parameter in the import page before outputting it back, which could allow attackers to execute arbitrary JavaScript cod...

7.1CVSS7.2AI score0.00649EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago58 views

WP-Recall – Plugin <= 16.26.10 - Unauthenticated SQL Injection

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the 'databeat' parameter in all versions up to, and including, 16.26.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

9.8CVSS7AI score0.02886EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago25 views

WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery

The CAS WordPress theme through version 1.0.0 is vulnerable to Server-Side Request Forgery SSRF via the 'url' parameter in the getremotedata.php script. This vulnerability allows unauthenticated attackers to make the server perform requests to arbitrary URLs. id: CVE-2024-4399 info: name: WordPre...

9.1CVSS6.2AI score0.01836EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago24 views

openSIS Classic v9.1 - SQL Injection

SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $usernamestnid parameter, which can be manipulated by an attacker to inject arbitrary SQL commands. id: CVE-2024-51211...

9.8CVSS6.2AI score0.02192EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago18 views

ArForms < 6.6 - Remote Code Execution

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form id: CVE-2024-4620 info: name: ArForms 6.6 - Remote Code Execution autho...

9.8CVSS6.1AI score0.03345EPSS
Exploits2References1
nuclei
nuclei
added 13 hours ago32 views

IPS Community Suite - Unauthenticated SQL Injection

IPS Community Suite is vulnerable to unauthenticated SQL injection via the filter parameter in the /index.php?/store/ endpoint, allowing attackers to extract sensitive information from the database. id: CVE-2024-30163 info: name: IPS Community Suite - Unauthenticated SQL Injection author:...

9.8CVSS7AI score0.08676EPSS
Exploits3References2
nuclei
nuclei
added 13 hours ago29 views

Intelbras NPLUG 1.0.0.14 - Authentication Bypass

Intelbras NPLUG 1.0.0.14 is vulnerable to authentication bypass through cookie manipulation. An attacker can bypass authentication by simply setting a cookie named "admin:". id: CVE-2018-12455 info: name: Intelbras NPLUG 1.0.0.14 - Authentication Bypass author: ritikchaddha severity: critical...

9.3CVSS7AI score0.05867EPSS
Exploits3References2
nuclei
nuclei
added 13 hours ago39 views

tshirtecommerce PrestaShop Module - SQL Injection

The tshirtecommerce module for PrestaShop is vulnerable to unauthenticated SQL injection via the tshirtecommercedesigncartid parameter, allowing attackers to execute arbitrary SQL queries and extract sensitive information from the database. This is due to lack of input sanitization, as shown in t...

9.8CVSS7.2AI score0.03299EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago55 views

PrestaShop `tshirtecommerce` Module - SQL Injection

The tshirtecommerce module for PrestaShop is vulnerable to unauthenticated SQL injection via the designer endpoint, allowing attackers to execute arbitrary SQL queries and extract sensitive information from the database. id: CVE-2023-27637 info: name: PrestaShop tshirtecommerce Module - SQL...

9.8CVSS7.2AI score0.03299EPSS
Exploits1References4
nuclei
nuclei
added 13 hours ago120 views

Eventin <= 4.0.26 - Privilege Escalation

The Eventin WordPress plugin before 4.0.27 suffers from an unauthenticated privilege escalation vulnerability. Due to a missing permission check in the a REST API endpoint, unauthenticated attackers can import users with arbitrary roles, including administrator, leading to full site compromise. i...

9.8CVSS7.1AI score0.3092EPSS
Exploits4References3
nuclei
nuclei
added 13 hours ago73 views

Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admininit function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the...

9.8CVSS7AI score0.04461EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago103 views

MagnusBilling Alarm Module - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php.This issue affects MagnusBilling-...

7.6CVSS5.8AI score0.00888EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago117 views

Jordy Meow AI Engine - Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine- ChatGPT Chatbot.This issue affects AI Engine- ChatGPT Chatbot- from n/a through 1.9.98. id: CVE-2023-51409 info: name: Jordy Meow AI Engine - Unrestricted File Upload author: pussycat0x severity: critical...

10CVSS7AI score0.65046EPSS
Exploits4References4
nuclei
nuclei
added 13 hours ago41 views

INTELBRAS TELEFONE IP TIP200 60.61.75.22 - Local File Inclusion

INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 is vulnerable to information disclosure, allowing unauthenticated attackers to access sensitive device information and configuration data via a direct request to the /cgi-bin/exportsettings.sh endpoint. id: CVE-2020-24285 info: name: INTELBRAS...

7.5CVSS7AI score0.04497EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago84 views

Multiple Shipping Address Woocommerce < 2.0 - SQL Injection

The Multiple Shipping Address Woocommerce plugin before 2.0 does not properly sanitize and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections. id: CVE-2022-0783 info: name: Multiple...

9.8CVSS7.1AI score0.07866EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago71 views

InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS6.2AI score0.05747EPSS
Exploits0References3
nuclei
nuclei
added 13 hours ago30 views

openSIS v9.0 - Path Traversal

A path traversal vulnerability exists in openSIS Classic Community Edition v9.0 via the 'filename' parameter in DownloadWindow.php. An unauthenticated remote attacker can exploit this to read arbitrary files on the server by manipulating file paths. id: CVE-2023-38879 info: name: openSIS v9.0 -...

7.5CVSS7.1AI score0.03663EPSS
Exploits0References2
nuclei
nuclei
added 13 hours ago80 views

InstaWP Connect < 0.1.0.86 - Local PHP File Inclusion

The InstaWP Connect - 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files ...

8.1CVSS7.4AI score0.10241EPSS
Exploits0References3
nuclei
nuclei
added 13 hours ago15 views

Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Remote Code Execution

service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 6.4.120822 allows a remote attacker to execute code via shell metacharacters in the kuid parameter. id: CVE-2019-20504 info: name: Dell KACE Systems Management Appliance K1000 6.4.120756 - Remote Code Execution...

9.8CVSS7.2AI score0.0955EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago59 views

MagnusBilling Login Logs - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

8.2CVSS6AI score0.01089EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago33 views

LearnPress < 4.2.7.1 - SQL Injection

The LearnPress WordPress LMS Plugin before 4.2.7.1 is vulnerable to unauthenticated SQL injection via the 'cfields' parameter in the /wp-json/lp/v1/courses/archive-course REST API endpoint, allowing attackers to extract sensitive information from the database. id: CVE-2024-8529 info: name:...

10CVSS6.1AI score0.11831EPSS
Exploits2References3
nuclei
nuclei
added 13 hours ago27 views

YouPHPTube Encoder - Arbitrary File Write

Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack. id: CVE-2019-5128 info: name: YouPHPTube Encoder - Arbitrary...

10CVSS7AI score0.30174EPSS
Exploits1References1
nuclei
nuclei
added 13 hours ago37 views

YouPHPTube Encoder 2.3 - Command Injection

Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack. id: CVE-2019-5129 info: name: YouPHPTube Encoder 2.3 - Command...

10CVSS7AI score0.38531EPSS
Exploits1References1
nuclei
nuclei
added 13 hours ago45 views

Aruba Instant Access Point (IAP) - Cross-Site Scripting

A remote cross-site scripting xss vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below;...

6.1CVSS6.7AI score0.16372EPSS
Exploits3References2
nuclei
nuclei
added 13 hours ago16 views

Roxy-WI < 6.1.1.0 - Remote Code Execution

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. id: CVE-2022-31137 info: name: Roxy-WI 6.1.1.0 - Remote Code Execution author:...

10CVSS7.3AI score0.90387EPSS
Exploits15References4
nuclei
nuclei
added 13 hours ago31 views

DrayTek Vigor - Command Injection

DrayTek Vigor devices contain a command injection vulnerability in the cvmcfgupload functionality. The vulnerability allows remote attackers to execute arbitrary commands through specially crafted requests to the /cgi-bin/mainfunction.cgi/cvmcfgupload endpoint. id: CVE-2020-15415 info: name:...

9.8CVSS7AI score0.84203EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago34 views

Bootstrap Multiselect <= 1.1.2 - Cross-Site Scripting

A PHP script in the source code release echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting XSS vulnerability exploitable through Cross-Site Request Forgery CSRF. id: CVE-2025-47204 info: name: Bootstr...

6.1CVSS6.2AI score0.00424EPSS
Exploits0References1
nuclei
nuclei
added 13 hours ago52 views

Pichome 2.1.0 - Arbitrary File Read

A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

6.9CVSS6.2AI score0.0161EPSS
Exploits0References2
nuclei
nuclei
added 13 hours ago17 views

MapSVG < 6.2.20 - Unauthenticated SQLi

The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. id: CVE-2022-0592 info: name: MapSVG 6.2.20 - Unauthenticated SQLi author: DhiyaneshDK...

9.8CVSS7.1AI score0.10279EPSS
Exploits2References1
nuclei
nuclei
added 13 hours ago21 views

KodExplorer - Cross-Site Scripting

KodExplorer is susceptible to a reflected cross-site scripting XSS vulnerability in the file view functionality.The vulnerability exists in app/template/api/view.html where user-supplied input in the 'path' parameter is directly echoed without proper sanitization.This allows attackers to inject...

6.1CVSS6.4AI score0.00705EPSS
Exploits0References2
nuclei
nuclei
added 13 hours ago88 views

Grafana - XSS / Open Redirect / SSRF via Client Path Traversal

An open redirect vulnerability in Grafana can be chained with other issues, such as XSS or SSRF, to increase impact. An attacker may exploit the redirect to target internal services or deliver malicious JavaScript, potentially leading to internal data exposure or account takeover. id: CVE-2025-41...

7.6CVSS7AI score0.97999EPSS
Exploits6References2
nuclei
nuclei
added 13 hours ago102 views

WordPress File Upload Plugin < 4.24.8 - Cross-Site Scripting

The WordPress File Upload plugin before version 4.24.8 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'dir' parameter in the file browser page before outputting it back, which could allow attackers to execute arbitrary JavaScript code...

6.1CVSS6.3AI score0.15012EPSS
Exploits2References2
nuclei
nuclei
added 13 hours ago12 views

WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion

The Grow by Tradedoubler WordPress plugin through version 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files. id: CVE-2024-6460 info:...

9.8CVSS6.2AI score0.04826EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago85 views

Discourse Backup File Disclosure Via Default Nginx Configuration

Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore--LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...

7.5CVSS7AI score0.25431EPSS
Exploits0References2
nuclei
nuclei
added 13 hours ago81 views

File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read

The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read...

7.5CVSS7.1AI score0.01606EPSS
Exploits6References5
nuclei
nuclei
added 13 hours ago25 views

Mage AI - Insecure Default Authentication Setup

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...

6.3CVSS5.3AI score0.01045EPSS
Exploits1References5
Total number of security vulnerabilities4146