Exploits found on the INTERNET

This is live excerpt from our database. Available also using API

Edit Date Name Status
2023-03-15WordPress Profile Builder 3.9.0 Missing AuthorizationPublished
2023-03-09WordPress Real Estate 7 Theme < = 3.3.4 - Abuse of FunctionalityPublished
2023-03-08WordPress WoodMart Theme < = 7.1.0 - Unauthenticated Arbitrary Shortcodes InjectionPublished
2023-03-05WordPress Real Estate 7 Theme < = 3.3.4 - Multiple Cross-Site Request Forgery CSRF VulnerabilitPublished
2023-03-05WordPress Real Estate 7 Theme < = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSSPublished
2023-03-05WordPress WoodMart Theme < = 7.1.1 - Theme License Options Change via CSRFPublished
2023-03-01WordPress Real Estate 7 Theme 3.3.4 Cross Site ScriptingPublished
2023-03-01WordPress WoodMart Theme 7.1.1 Cross Site Request ForgeryPublished
2023-02-12Wordpress Multiple themes - Unauthenticated Arbitrary File UploadPublished
2023-02-08WordPress Metform Elementor Contact Form Builder 3.1.2 Cross Site ScriptingPublished
2023-02-02WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing AuthorizationPublished
2023-01-11WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access ControlsPublished
2023-01-09WordPress Core 6.0.2 - 'side-nav-select' SQL InjectionPublished
2023-01-06Wordpress Dsp Dating Csrf FIle UploadPublished
2022-12-24WordPress Yith WooCommerce Gift Cards Premium 3.19.0 Shell UploadPublished
2022-11-22WordPress BeTheme 26.5.1.4 PHP Object InjectionPublished
2022-11-15WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request ForgeryPublished
2022-11-10WordPress Blog2Social 6.9.11 Missing AuthorizationPublished
2022-10-18Wordpress Plugin ImageMagick-Engine 1.7.4 Remote Code Execution RCE AuthenticatedPublished
2022-10-15WordPress Zephyr Project Manager 3.2.42 SQL InjectionPublished
2022-10-10WordPress eCommerce Product Catalog 3.0.70 Cross Site ScriptingPublished
2022-10-10WordPress / Joomla JReviews 4.1.5 Cross Site ScriptingPublished
2022-10-08Wordpress Plugin Zephyr Project Manager 3.2.42 Multiple SQLiPublished
2022-09-28WordPress Sabai Discuss 1.4.13 Cross Site ScriptingPublished
2022-09-28WordPress Motopress Hotel Booking Lite 4.4.2 Cross Site ScriptingPublished
2022-09-25WordPress WP-UserOnline 2.88.0 Cross Site ScriptingPublished
2022-09-20WordPress GetYourGuide Ticketing 1.0.1 Cross Site ScriptingPublished
2022-09-07WordPress BackupBuddy 8.7.4.1 Arbitrary File ReadPublished
2022-09-03WordPress Plugin Duplicator 1.4.7 Information DisclosurePublished
2022-09-02WordPress Netroics Blog Posts Grid 1.0 Cross Site ScriptingPublished
2022-08-31WordPress Core Cross Site Scripting / SQL InjectionPublished
2022-08-20Transposh WordPress Translation 1.0.8.1 Incorrect AuthorizationPublished
2022-08-06WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request ForgeryPublished
2022-08-06WordPress Testimonial Slider And Showcase 2.2.6 Cross Site ScriptingPublished
2022-08-03WordPress WP-UserOnline 2.87.6 Cross Site ScriptingPublished
2022-08-01Transposh WordPress Translation 1.0.8.1 Cross Site Request ForgeryPublished




Copyright © 2023 Exploitalert v1 BETA.
About us & Partners This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy