Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 24809+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Premium intel
CVSS 8.8
TextPattern CMS 4.8.7 Authenticated RCE via File Upload and POC
www.exploit-db.com · 2026-05-10

# TextPattern CMS 4.8.7 - Remote Command Execution (RCE) (Authenticated) ## Vulnerability Overview TextPattern CMS version 4.8.7 contains a remote command execution (RCE) vulnerability. An attacker ca…

Read more
Premium intel
CVSS 9.8
WordPress MStore API 2.0.6 Arbitrary File Upload Exploit
www.exploit-db.com · 2026-05-10

# Vulnerability Summary ## Overview - **Vulnerability Name**: WordPress Plugin MStore API 2.0.6 - Arbitrary File Upload - **EDB-ID**: EDB379 - **Author**: SPACEHEN - **Publication Date**: 2021-09-22 -…

Read more
CVSS 6.4
Projectsend r1295 Stored XSS via File Name Upload
www.exploit-db.com · 2026-05-10

# Projectsend r1295 - 'name' Stored XSS ## Vulnerability Overview - **EDB-ID**: 50240 - **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) - **Affected Application**: Projectsend r1295 -…

Read more
Premium intel
CVSS 8.8
CyberPanel 2.1 Authenticated Remote Code Execution (RCE) Vulnerability Analysis
www.exploit-db.com · 2026-05-10

# CyberPanel 2.1 Remote Code Execution (RCE) Summary ## Vulnerability Overview * **Vulnerability Name**: CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated) * **EDB-ID**: 50230 * **Publicatio…

Read more
CVSS 5.4
WordPress Plugin GetPaid 2.4.6 HTML Injection Vulnerability and Reproduction Steps
www.exploit-db.com · 2026-05-10

# WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection ## Vulnerability Overview - **Vulnerability Type**: HTML Injection - **EDB-ID**: 50246 - **Author**: Niraj Mahajan - **Publication D…

Read more
CVSS 6.4
Projectsend r1295 Stored XSS Vulnerability (CVE-2021-47947) Advisory
www.vulncheck.com · 2026-05-10

# Projectsend r1295 Stored Cross-Site Scripting Vulnerability (CVE-2021-47947) ## Vulnerability Overview * **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) * **Vulnerability ID**: CVE-…

Read more
Premium intel
CVSS 9.8
OpenCATS 0.9.4 Remote Code Execution via Resume Upload (RCE)
www.exploit-db.com · 2026-05-10

# OpenCATS 0.9.4 Remote Code Execution Vulnerability (RCE) ## Vulnerability Overview * **Vulnerability Name**: OpenCATS 0.9.4 - Remote Code Execution (RCE) * **EDB-ID**: 50565 * **Publication Date**: …

Read more
CVSS 5.4
WordPress GetPaid Plugin HTML Injection Vulnerability Advisory (CVE-80)
www.vulncheck.com · 2026-05-10

# WordPress GetPaid Plugin 2.4.6 HTML Injection via Help Text ## Vulnerability Overview WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to i…

Read more
Premium intel
CVSS 9.8
TheCartPress 1.5.3.6 Unauthenticated Privilege Escalation PoC (EDB-50378)
www.exploit-db.com · 2026-05-10

# Vulnerability Summary: TheCartPress 1.5.3.6 Privilege Escalation Vulnerability ## Vulnerability Overview * **Vulnerability Name**: WordPress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unaut…

Read more
Premium intel
CVSS 9.8
WordPress Download From Files 1.48 Arbitrary File Upload Vulnerability Advisory and POC
www.exploit-db.com · 2026-05-10

# Vulnerability Summary: WordPress Plugin Download From Files 1.48 - Arbitrary File Upload ## Vulnerability Overview * **Vulnerability Name**: WordPress Plugin Download From Files 1.48 - Arbitrary Fil…

Read more
Premium intel
CVSS 8.8
Evolution CMS 3.1.6 Authenticated RCE Vulnerability and POC
www.exploit-db.com · 2026-05-10

# Evolution CMS 3.1.6 Remote Code Execution (RCE) Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated) * **EDB-ID…

Read more
Premium intel
CVSS 8.8
e107 CMS 2.3.0 Authenticated RCE Vulnerability (EDB-50315) with Exploit Code
www.exploit-db.com · 2026-05-10

# e107 CMS 2.3.0 远程代码执行漏洞 (RCE) 总结 ## 漏洞概述 * **漏洞名称**: e107 CMS 2.3.0 - 远程代码执行 (RCE) (Authenticated) * **EDB-ID**: 50315 * **发布日期**: 2021-09-22 * **漏洞类型**: Webapps * **平台**: PHP * **利用条件**: 需要认证权限 (Au…

Read more
Premium intel
CVSS 8.8
Evolution CMS 3.5.6 sLang Module SQL Injection Vulnerability with POC
evo.im · 2026-05-10

# Vulnerability Summary ## Overview Evolution CMS 3.5.6 contains a SQL injection vulnerability. This vulnerability exists in the `sLang` module, which allows attackers to execute arbitrary SQL command…

Read more
CVSS 4.3
OpenCart 3.0.3.7 Password Change CSRF Vulnerability with PoC
www.exploit-db.com · 2026-05-10

# OpenCart 3.0.3.7 Password Change Cross-Site Request Forgery (CSRF) Vulnerability Summary ## Vulnerability Overview OpenCart is an open-source shopping cart system that contains a Cross-Site Request …

Read more
Premium intel
CVSS 9.8
OpenCart 3.0.3.8 Session Injection Vulnerability Analysis
www.exploit-db.com · 2026-05-10

# Vulnerability Summary: OpenCart 3.0.3.8 Session Injection ## Vulnerability Overview - **Vulnerability Type**: Session Fixation / Injection - **Description**: In OpenCart version 3.0.3.8, the session…

Read more
CVSS 6.4
Stored XSS in Wordpress Plugin 3dady real-time web stats 1.0
www.exploit-db.com · 2026-05-10

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS) - **EDB-ID**: 51021 - **CVE**: N/A - **Au…

Read more
CVSS 6.1
Moodle LMS 4.0 Unauthenticated XSS in course/search.php (CVE-79)
www.vulncheck.com · 2026-05-10

# Moodle LMS 4.0 Cross-Site Scripting Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: Cross-Site Scripting (XSS) - **Vulnerable Location**: `course/search.php` - **Root Cause…

Read more
CVSS 6.1
uBidAuction v2.0.1 Non-Persistent XSS Vulnerability with PoC
www.exploit-db.com · 2026-05-10

# uBidAuction v2.0.1 Cross-Site Scripting (XSS) Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Non-Persistent Cross-Site Scripting (Non-Persistent XSS) * **Affected Software…

Read more
CVSS 6.4
Stored XSS in WordPress Plugin Netroics Blog Posts Grid 1.0
www.exploit-db.com · 2026-05-10

# WordPress Plugin Netroics Blog Posts Grid 1.0 Stored XSS Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: WordPress Plugin Netroics Blog Posts Grid 1.0 - Stored Cross-Site S…

Read more
CVSS 6.2
WordPress amministrazione-aperta 3.7.3 Unauthenticated Local File Read
www.exploit-db.com · 2026-05-10

# WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated ## Vulnerability Overview - **Vulnerability Type**: Local File Read (LFR) - **Vulnerability Description**: The WordP…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.