Nxploited

156 exploits Active since Nov 2023
CVE-2025-32579 NOMISEC CRITICAL WORKING POC
SoftClever Limited Sync Posts <1.0 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server. This issue affects Sync Posts: from n/a through <= 1.0.
1 stars
CVSS 9.9
CVE-2025-39596 NOMISEC CRITICAL WORKING POC
Quentn WP <1.2.8 - Privilege Escalation
Weak Authentication vulnerability in Quentn.com GmbH Quentn WP quentn-wp allows Privilege Escalation. This issue affects Quentn WP: from n/a through <= 1.2.8.
1 stars
CVSS 9.8
CVE-2025-39601 NOMISEC CRITICAL WORKING POC
WPFactory Custom CSS, JS & PHP <2.4.1 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion. This issue affects Custom CSS, JS & PHP: from n/a through <= 2.4.1.
1 stars
CVSS 9.6
CVE-2025-25101 NOMISEC CRITICAL WORKING POC
MetricThemes Munk Sites <1.0.8 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites munk-sites allows Cross Site Request Forgery. This issue affects Munk Sites: from n/a through <= 1.0.7.
1 stars
CVSS 9.6
CVE-2025-39538 NOMISEC MEDIUM WORKING POC
WP-Advanced-Search <3.3.9.3 - Code Injection
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.
1 stars
CVSS 6.6
CVE-2025-32118 NOMISEC CRITICAL WORKING POC
NiteoThemes CMP - Unrestricted Upload
Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files. This issue affects CMP – Coming Soon & Maintenance: from n/a through <= 4.1.14.
1 stars
CVSS 9.1
CVE-2025-14440 NOMISEC CRITICAL WORKING POC
JAY Login & Register <2.4.01 - Auth Bypass
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.
1 stars
CVSS 9.8
CVE-2025-14156 NOMISEC CRITICAL WORKING POC
Fox LMS - WordPress LMS Plugin <1.0.5.1 - Privilege Escalation
The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the `/fox-lms/v1/payments/create-order` REST API endpoint. This makes it possible for unauthenticated attackers to create new user accounts with arbitrary roles, including administrator, leading to complete site compromise.
1 stars
CVSS 9.8
CVE-2025-28915 NOMISEC CRITICAL WORKING POC
ThemeEgg ToolKit <= 1.2.9 - Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through <= 1.2.9.
1 stars
CVSS 9.1
CVE-2024-51793 NOMISEC CRITICAL WORKING POC
Webful Creations Computer Repair Shop <3.8115 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Upload a Web Shell to a Web Server. This issue affects RepairBuddy: from n/a through <= 3.8115.
1 stars
CVSS 10.0
CVE-2024-50492 NOMISEC HIGH WORKING POC
Scott Paterson ScottCart <= 1.1 - Remote Code Execution
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart scottcart allows Code Injection. This issue affects ScottCart: from n/a through <= 1.1.
1 stars
CVSS 8.3
CVE-2024-49668 NOMISEC CRITICAL WORKING POC
Verbalize WP <= 1.0 - Unauthenticated Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in christopherdewese1099 Verbalize WP verbalize-wp allows Upload a Web Shell to a Web Server. This issue affects Verbalize WP: from n/a through <= 1.0.
1 stars
CVSS 10.0
CVE-2024-9756 NOMISEC MEDIUM WORKING POC
Order Attachments for WooCommerce 2.0-2.4.1 - Authenticated Arbitrary File Upload via wcoa_add_attachment AJAX Action
The Order Attachments for WooCommerce plugin for WordPress is vulnerable to unauthorized limited arbitrary file uploads due to a missing capability check on the wcoa_add_attachment AJAX action in versions 2.0 to 2.4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload limited file types.
1 stars
CVSS 4.3
CVE-2024-9593 NOMISEC HIGH WORKING POC
Time Clock and Time Clock Pro <= 1.2.2 - Unauthenticated Remote Code Execution via etimeclockwp_load_function_callback
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allows unauthenticated attackers to execute code on the server. The invoked function's parameters cannot be specified.
1 stars
CVSS 8.3
CVE-2024-9234 NOMISEC CRITICAL WORKING POC
GutenKit < 2.1.0 - Unauthenticated Arbitrary File Upload via install-active-plugin Endpoint
The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins, or utilize the functionality to upload arbitrary files spoofed like plugins.
1 stars
CVSS 9.8
CVE-2024-56249 NOMISEC CRITICAL WORKING POC
Webdeclic WPMasterToolKit <1.13.1 - Code Injection
Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Upload a Web Shell to a Web Server. This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
1 stars
CVSS 9.1
CVE-2024-54363 NOMISEC CRITICAL WORKING POC
nssTheme Wp NssUser Register <1.0.0 - Privilege Escalation
Incorrect Privilege Assignment vulnerability in saiful.total Wp NssUser Register wp-nssuser-register allows Privilege Escalation. This issue affects Wp NssUser Register: from n/a through <= 1.0.0.
1 stars
CVSS 9.8
CVE-2024-52402 NOMISEC CRITICAL WORKING POC
Cliconomics Exclusive Content Password Protect - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server. This issue affects Exclusive Content Password Protect: from n/a through <= 1.1.0.
1 stars
CVSS 9.6
CVE-2024-3673 NOMISEC CRITICAL WORKING POC
Web Directory Free <1.7.3 - Code Injection
The Web Directory Free WordPress plugin before 1.7.3 does not validate a parameter before using it in an include(), which could lead to Local File Inclusion issues.
1 stars
CVSS 9.1
CVE-2024-30485 NOMISEC HIGH WORKING POC
XLPlugins Finale Lite < 2.18.0 - Unauthenticated Arbitrary Plugin Installation and Activation
Missing Authorization vulnerability in XLPlugins Finale Lite. This issue affects Finale Lite: from n/a through 2.18.0.
1 stars
CVSS 8.8
CVE-2024-12252 NOMISEC CRITICAL WORKING POC
SEO LAT Auto Post <= 2.2.1 - Unauthenticated File Overwrite and Remote Code Execution via remote_update AJAX Action
The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remote_update AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can be leveraged to achieve remote code execution.
1 stars
CVSS 9.8
CVE-2024-10124 NOMISEC CRITICAL WORKING POC
Vayu Blocks - Unauthorized Plugin Installation
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing capability check on the tp_install() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. This vulnerability was partially patched in version 1.1.1.
1 stars
CVSS 9.8
CVE-2024-10673 NOMISEC HIGH WORKING POC
Top Store theme <1.5.4 - Privilege Escalation
The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the top_store_install_and_activate_callback() function in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins which can contain other exploitable vulnerabilities to elevate privileges and gain remote code execution.
1 stars
CVSS 8.8
CVE-2026-20182 GITHUB CRITICAL WORKING POC
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks. A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
CVSS 10.0
CVE-2026-27540 GITHUB CRITICAL python WORKING POC
WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files. This issue affects Woocommerce Wholesale Lead Capture: from n/a through <= 2.0.3.1.
CVSS 9.0