Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajax_action_re_ge
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the _ajax_get_total_content_import_item
The Broadstreet plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.53.1 via the get_sponsored_meta() AJAX action. This makes it possible for a
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-
The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'uta-template' shortcode due to i
The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco_submit_post' AJAX endpoint. This makes it possible for unauthenticated attack
The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on w
The PDF Catalog for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pdfcatalog' AJAX action in all versions up to, and including, 1.1.18 due to insufficient inpu
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauth
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.17.13 via the auxels_ajax_search due to insufficien
Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a
The Admin Trim Interface plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.1. This is due to the plugin utilizing bootstrap and leaving test files wi
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8 via the download_user_ajax function. T
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for una
The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the prop
The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the 'theme_options_ajax_post_a
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient rest
The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.7 via the Full Screen Menu Elementor Widget due to insufficient
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing
Page 1+ Next →