unSafe.sh - 不安全

Nxploited/CVE-2025-53580 WordPress Simple Business Directory Pro Plugin < 15.6.9 is vulnerable to a high priority Privilege Escalation
Create: 2026-04-18 10:07:30 +0000 UTC Push: 2026-04-18 10:07:30 +0000 UTC |

jithinodattu/CVE-2023-24329-lab
Create: 2026-04-18 10:05:18 +0000 UTC Push: 2026-04-18 10:05:44 +0000 UTC |

Nxploited/CVE-2025-29009 WordPress Medical Prescription Attachment Plugin for WooCommerce Plugin <= 1.2.3 is vulnerable to a high priority Arbitrary File Upload
Create: 2026-04-18 10:04:04 +0000 UTC Push: 2026-04-18 10:04:55 +0000 UTC |

Nxploited/CVE-2025-15030 User Profile Builder < 3.15.2 - Unauthenticated Arbitrary Password Reset
Create: 2026-04-18 09:59:37 +0000 UTC Push: 2026-04-18 10:00:36 +0000 UTC |

Nxploited/CVE-2025-49901 WordPress Simple Link Directory Plugin < 14.8.1 is vulnerable to a high priority Broken Authentication
Create: 2026-04-18 09:55:58 +0000 UTC Push: 2026-04-18 09:56:21 +0000 UTC |

Nxploited/CVE-2025-13342 Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update
Create: 2026-04-18 09:49:50 +0000 UTC Push: 2026-04-18 09:49:51 +0000 UTC |

Nxploited/CVE-2025-14364 Demo Importer Plus <= 2.0.8 - Missing Authorization to Authenticated (Subscriber+) Site Reset and Privilege Escalation
Create: 2026-04-18 09:39:12 +0000 UTC Push: 2026-04-18 09:39:12 +0000 UTC |

Nxploited/CVE-2025-2563 The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges
Create: 2026-04-18 09:34:53 +0000 UTC Push: 2026-04-18 09:34:54 +0000 UTC |

Nxploited/CVE-2026-1937 YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Arbitrary Options Update via 'yaymail_import_state' AJAX Action
Create: 2026-04-18 09:25:31 +0000 UTC Push: 2026-04-18 09:25:31 +0000 UTC |

Penguinsecq/CVE-2026-6356 CVE-2026-6356
Create: 2026-04-18 09:21:17 +0000 UTC Push: 2026-04-18 09:21:18 +0000 UTC |

Nxploited/CVE-2026-1492 User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration
Create: 2026-04-18 09:18:57 +0000 UTC Push: 2026-04-18 09:18:57 +0000 UTC |

0xBlackash/CVE-2026-39808 CVE-2026-39808
Create: 2026-04-18 09:15:36 +0000 UTC Push: 2026-04-18 09:15:36 +0000 UTC |

Nxploited/CVE-2026-4484 Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator
Create: 2026-04-18 09:05:55 +0000 UTC Push: 2026-04-18 09:05:55 +0000 UTC |

Nxploited/CVE-2026-27542-CVE-2026-27540- Unauthenticated Privilege | Unauthenticated Arbitrary File Upload
Create: 2026-04-18 08:51:10 +0000 UTC Push: 2026-04-18 08:51:35 +0000 UTC |

Nxploited/CVE-2026-39987 marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability
Create: 2026-04-18 07:46:43 +0000 UTC Push: 2026-04-18 07:46:43 +0000 UTC |

Mohamedniane/cve-2025-55182-analysis Security research & exploitation analysis of CVE-2025-55182 (React) — CVSS + OWASP Top 10 mapping
Create: 2026-04-18 01:33:04 +0000 UTC Push: 2026-04-18 01:33:05 +0000 UTC |

D4rkks/CVE-2025-7771-Vulnerability-Exploration Escalating privilege in the system from unsigned driver using throttlestop vulnerability
Create: 2026-04-17 23:06:02 +0000 UTC Push: 2026-04-17 23:06:03 +0000 UTC |

Nxploited/CVE-2026-1555 WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload
Create: 2026-04-17 22:03:58 +0000 UTC Push: 2026-04-17 22:03:58 +0000 UTC |

zedeq/WP-CVE-2025-4322---Scan Escaner de identificacion de vulnerabilidades para CVE-2025-4322
Create: 2026-04-17 21:22:26 +0000 UTC Push: 2026-04-17 21:22:27 +0000 UTC |

AnggaTechI/Mass-Scanner-CVE-2026-1405 WordPress mass scanner for detecting CVE-2026-1405 exposure.
Create: 2026-04-17 20:43:07 +0000 UTC Push: 2026-04-17 20:43:07 +0000 UTC |