WordPress EventPrime plugin versions 4.2.8.1 and below suffer from an unauthenticated arbitrary file upload vulnerability...
Microsoft MMC MSC EvilTwin local admin creation exploit...
React Server versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 proof of concept remote code execution exploit...
WordPress Contact List plugin versions 3.0.17 and below suffer from a persistent cross site scripting vulnerability...
WordPress Tutor LMS plugin versions 3.9.5 and below suffer from broken access control and insecure direct object reference vulnerabilities...
XiboCMS version 3.3.4 zip slip exploit that leverages path traversal and arbitrary file upload vulnerabilities to achieve code execution...
SQLite version 3.50.1 proof of concept that triggers a heap overflow in winsqlite3.dll via excessive aggregate functions...
NetBT e-Fatura 2024 suffers from an unquoted service path vulnerability...
MyRewards – Loyalty Points and Rewards for WooCommerce versions 5.6.0 and below suffer from a missing authorization vulnerability that allows for p...
RomM versions prior to 4.4.1 chained vulnerabilities exploit that leverages file upload to achieve cross site scripting that then leverages csrf to...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
