Vulnerabilities with Nuclei Scanner Templates

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,682 CVEs tracked 53,700 with exploits 4,860 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,389 vendors 43,933 researchers
4,077 results Clear all
CVE-2022-0434 9.8 CRITICAL EXPLOITED NUCLEI EPSS 0.88
WordPress Plugin <2.4.15 - SQL Injection
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks
CWE-89 Mar 07, 2022
CVE-2022-0429 6.1 MEDIUM EXPLOITED NUCLEI EPSS 0.00
WP Cerber Security - XSS
The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability.
CWE-79 Mar 07, 2022
CVE-2022-0422 6.1 MEDIUM NUCLEI EPSS 0.07
White Label CMS <2.2.9 - XSS
The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue
CWE-79 Mar 07, 2022
CVE-2022-0349 9.8 CRITICAL NUCLEI EPSS 0.62
NotificationX <2.3.9 - SQL Injection
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection
CWE-89 Mar 07, 2022
CVE-2022-0869 6.1 MEDIUM 1 PoC 1 Writeup Analysis NUCLEI EPSS 0.04
Spirit < 0.12.3 - Open Redirect
Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.
CWE-601 Mar 06, 2022
CVE-2022-22947 10.0 CRITICAL KEV SSVC ACTIVE 66 PoCs Analysis NUCLEI EPSS 0.94
Spring Cloud Gateway Remote Code Execution
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
CWE-917 Mar 03, 2022
CVE-2022-0824 8.8 HIGH 7 PoCs Analysis NUCLEI EPSS 0.93
Webmin < 1.990 - Incorrect Authorization
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
CWE-284 Mar 02, 2022
CVE-2022-0776 6.1 MEDIUM 1 Writeup NUCLEI EPSS 0.20
GitHub hakimel/reveal.js <4.3.0 - XSS
Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.js prior to 4.3.0.
CWE-79 Mar 01, 2022
CVE-2022-0412 9.8 CRITICAL 1 PoC NUCLEI EPSS 0.86
TI WooCommerce Wishlist <1.40.1 - SQL Injection
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks
CWE-89 Feb 28, 2022
CVE-2022-0189 6.1 MEDIUM NUCLEI EPSS 0.03
WP RSS Aggregator <4.20 - XSS
The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to a Reflected Cross-Site Scripting
CWE-79 Feb 28, 2022
CVE-2022-0150 6.1 MEDIUM NUCLEI EPSS 0.01
WP Accessibility Helper <0.6.0.7 - XSS
The WP Accessibility Helper (WAH) WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue
CWE-79 Feb 28, 2022
CVE-2022-0653 6.1 MEDIUM EXPLOITED NUCLEI EPSS 0.06
Profile Builder <3.6.1 - XSS
The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 3.6.1.
CWE-79 Feb 24, 2022
CVE-2022-0651 9.8 CRITICAL NUCLEI EPSS 0.69
WP Statistics <13.1.5 - SQL Injection
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_type parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.
CWE-89 Feb 24, 2022
CVE-2022-21705 7.2 HIGH 1 Writeup NUCLEI EPSS 0.77
October < 1.0.474 - Injection
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area. The issue has been patched in Build 474 (v1.0.474) and v1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually.
CWE-74 Feb 23, 2022
CVE-2022-0692 6.1 MEDIUM 1 Writeup NUCLEI EPSS 0.21
Rudloff/alltube <3.0.1 - Open Redirect
Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1.
CWE-601 Feb 21, 2022
CVE-2022-0288 6.1 MEDIUM EXPLOITED NUCLEI EPSS 0.02
Ad Inserter <2.7.10 - XSS
The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
CWE-79 Feb 21, 2022
CVE-2022-0234 6.1 MEDIUM NUCLEI EPSS 0.03
WOOCS WordPress <1.3.7.5 - XSS
The WOOCS WordPress plugin before 1.3.7.5 does not sanitise and escape the woocs_in_order_currency parameter of the woocs_get_products_price_html AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting
CWE-79 Feb 21, 2022
CVE-2022-0228 7.2 HIGH NUCLEI EPSS 0.04
Popup Builder <4.0.7 - SQL Injection
The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection
CWE-89 Feb 21, 2022
CVE-2022-0678 6.1 MEDIUM 1 Writeup NUCLEI EPSS 0.01
Packagist microweber/microweber <1.2.11 - XSS
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.
CWE-79 Feb 19, 2022
CVE-2022-0666 7.5 HIGH 1 PoC NUCLEI EPSS 0.23
microweber/microweber <1.2.11 - Stack Trace Exposure
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.
CWE-93 Feb 18, 2022

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest CVEs with Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-35414: Three Bugs, One Commit, and Two More Nobody Mentioned
Apr 03, 2026
WP Google Map Plugin - Three Weak Links, One Critical Chain
Mar 29, 2026
CVE-2026-24289: Windows Kernel IOCP Race Condition - The Ghost We Proved by Salting the Circle
Mar 16, 2026
CVE-2026-3910: The Type the Compiler Promised -- A V8 JIT Story in Seven Acts
Mar 16, 2026
Six AI Agents, One Security Company: The Paperclip AI Experiment
Mar 16, 2026
CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
CVE-2025-12421 CRITICAL
Mattermost <11.0.2, 10.12.1, 10.11.4, 10.5.12 - Auth Bypass
 View all labs →

KEV Gaps

CVE-2025-29635
Dlink Dir-823x Firmware - Command Injection
 CVE-2024-57728
Simple-help Simplehelp < 5.5.8 - Symlink Following
 CVE-2024-57726
Simple-help Simplehelp < 5.5.8 - Missing Authorization
 CVE-2026-20133
Cisco Catalyst SD-WAN Manager - Info Disclosure
 CVE-2026-20128
Cisco Catalyst SD-WAN Manager - Privilege Escalation
 CVE-2026-20122
Cisco Catalyst SD-WAN Manager - Path Traversal
 CVE-2025-32975
Quest KACE SMA <14.1.101 - Auth Bypass
 CVE-2025-48700
Zimbra Collaboration <10.1 - XSS
 CVE-2025-2749
Kentico Xperience < 13.0.178 - Path Traversal
 CVE-2023-27351
Papercut MF < 20.1.7 - Authentication Bypass
 CVE-2009-0238
Microsoft Office <2007 SP1 - RCE
 CVE-2012-1854
Microsoft Office <2010 - Privilege Escalation