-
```yaml
id: CVE-2021-25120
info:
name: Easy Social Feed < 6.2.7 - Reflected Cross-Site Scripting
author: Akincibor
severity: medium
description: The plugins do not sanitise some of the…
-
```yaml
id: CVE-2022-1020
info:
name: Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call
author: Akincibor
severity: high
description: The plugin does not have autho…
-
I followed the install instruction but get an error when running (system is Debian 11):
./cewl.rb http://www.xxxxxx.com/
CeWL 5.5.2 (Grouping) Robin Wood (robin@digi.ninja) (https://digi.ninja/)
…
-
According to WPScan, the plugin is using...
> an insecure version of the Freemius Framework, which is lacking CSRF and/or authorisation in some of its AJAX actions. As a result, any authenticated use…
-
**Is your feature request related to a problem? Please describe.**
wpscan now can't scan php-everywhere plugins but the plugin has vulnerabilities that can lead to code execution
**Describe the so…
WAY29 updated
2 years ago
-
It would be good to easily be able to set set your wpscan api key somewhere.
When a key is set, the provided manual command for wpscan would be included as a parameter always.
wpscans api parameter…
-
```
id: CVE-2013-6281
info:
name: WordPress Spreadsheet - dhtmlxspreadsheet Plugin Reflected XSS
author: random-robbie
severity: medium
description: TThe dhtmlxspreadsheet WordPress pl…
-
**Bug description**
Error 500 upon import of a WPscan result via V2 API
```
[18/Jan/2022 19:32:52] ERROR [dojo.api_v2.exception_handler:32] can only concatenate str (not "NoneType") to str
Trace…
-
### Subject of the issue
This appears repeatedly when running wpscan:
```
/opt/homebrew/lib/ruby/gems/3.1.0/gems/cms_scanner-0.13.6/lib/cms_scanner/formatter.rb:96: warning: Passing safe_level …
tomjn updated
2 years ago
-
```
id: CVE-2022-1119
info:
name: Simple File List < 3.2.8 - Unauthenticated Arbitrary File Download
author: random-robbie
severity: high
description: |
The plugin is vulnerable t…