Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper Access Control vulnerability in Drupal Open Social allows Collect Data from Common Resource Locations.This issue affects Open Social: from 0.0.0 before 12.05.
Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 11.8.0 before 12.3.10, from 12.4.0 before 12.4.9.
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
CVE-2025-31685
CRITICAL CVSS 9.1
Find Similar
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13.
Missing Authorization vulnerability in social share pro Social Share Icons & Social Share Buttons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Shar
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7.
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remed
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral.This issue affects SociallyViral: from n/a through 1.0.10.
Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools nertworks-all-in-one-social-share-tools allows Cross Site Request Forgery.This issue affects NertWo
Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a
Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io wp-share-buttons-analytics-by-getsocial allows Exploiting Incorrectly Configured Access Control
CVE-2024-6878
CRITICAL CVSS 9.2
Find Similar
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24.
CVE-2026-22337
CRITICAL CVSS 9.8
Find Similar
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4.
Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful Browsing.This issue affects Unpublished Node Permissions: from 0.0.0 before 1.7.0.
Page 1+ Next →