Vulnerabilities with Nuclei Scanner Templates

Updated 46m ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,589 CVEs tracked 53,640 with exploits 4,860 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,361 vendors 43,897 researchers
4,077 results Clear all
CVE-2023-1890 6.1 MEDIUM NUCLEI EPSS 0.11
Tablesome WordPress <1.0.9 - XSS
The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
May 15, 2023
CVE-2023-1835 6.1 MEDIUM NUCLEI EPSS 0.18
Ninja Forms Contact Form <3.6.22 - XSS
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
May 15, 2023
CVE-2023-0600 9.8 CRITICAL EXPLOITED NUCLEI EPSS 0.77
Plugins-market WP Visitor Statistics < 6.9 - SQL Injection
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks.
CWE-89 May 15, 2023
CVE-2023-1698 9.8 CRITICAL EXPLOITED 6 PoCs Analysis NUCLEI EPSS 0.94
WAGO - Privilege Escalation
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.
CWE-78 May 15, 2023
CVE-2023-1408 7.2 HIGH NUCLEI EPSS 0.21
Video List Manager <1.7 - SQL Injection
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
May 08, 2023
CVE-2023-0948 6.1 MEDIUM NUCLEI EPSS 0.18
Artisanworkshop Japanized For Woocommerce < 2.5.8 - XSS
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
CWE-79 May 08, 2023
CVE-2023-0514 6.1 MEDIUM NUCLEI EPSS 0.12
Membership Database < 1.0 - XSS
The Membership Database WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CWE-79 May 08, 2023
CVE-2023-2479 9.8 CRITICAL 1 Writeup NUCLEI EPSS 0.93
Appium-desktop < 1.22.3-4 - OS Command Injection
OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
CWE-78 May 02, 2023
CVE-2023-1730 9.8 CRITICAL NUCLEI EPSS 0.82
SupportCandy WP <3.1.5 - SQL Injection
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks
CWE-89 May 02, 2023
CVE-2023-1546 6.1 MEDIUM NUCLEI EPSS 0.25
MyCryptoCheckout <2.124 - XSS
The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
CWE-79 May 02, 2023
CVE-2023-2356 7.5 HIGH 1 Writeup NUCLEI EPSS 0.90
mlflow/mlflow <2.3.1 - Path Traversal
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CWE-23 Apr 28, 2023
CVE-2023-1020 9.8 CRITICAL EXPLOITED NUCLEI EPSS 0.82
WP Live Chat Shoutbox < 1.4.2 - SQL Injection
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
Apr 24, 2023
CVE-2023-2227 9.1 CRITICAL 1 Writeup NUCLEI EPSS 0.90
Modoboa < 2.1.0 - Improper Authorization
Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.
CWE-285 Apr 21, 2023
CVE-2023-1892 9.6 CRITICAL 1 Writeup NUCLEI EPSS 0.74
sidekiq/sidekiq <7.0.8 - XSS
Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8.
CWE-79 Apr 21, 2023
CVE-2023-20864 9.8 CRITICAL NUCLEI EPSS 0.93
Vmware Aria Operations For Logs < 8.12.0 - Insecure Deserialization
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
CWE-502 Apr 20, 2023
CVE-2023-22893 7.5 HIGH EXPLOITED NUCLEI EPSS 0.77
Strapi < 4.6.0 - Authentication Bypass
Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that use AWS Cognito for authentication.
CWE-287 Apr 19, 2023
CVE-2023-22621 7.2 HIGH EXPLOITED 1 PoC Analysis NUCLEI EPSS 0.91
Strapi < 4.5.6 - Injection
Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution.
CWE-74 Apr 19, 2023
CVE-2023-2130 6.3 MEDIUM NUCLEI EPSS 0.81
SourceCodester Purchase Order Management System 1.0 - SQL Injection
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/view_details.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226206 is the identifier assigned to this vulnerability.
CWE-89 Apr 17, 2023
CVE-2023-2059 4.3 MEDIUM EXPLOITED 1 Writeup NUCLEI EPSS 0.06
Dedecms - Path Traversal
A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225944.
CWE-28 Apr 14, 2023
CVE-2023-22897 6.5 MEDIUM EXPLOITED 1 Writeup NUCLEI EPSS 0.89
Securepoint Unified Threat Management - Use of Uninitialized Resource
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.
CWE-908 Apr 12, 2023

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest CVEs with Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-35414: Three Bugs, One Commit, and Two More Nobody Mentioned
Apr 03, 2026
WP Google Map Plugin - Three Weak Links, One Critical Chain
Mar 29, 2026
CVE-2026-24289: Windows Kernel IOCP Race Condition - The Ghost We Proved by Salting the Circle
Mar 16, 2026
CVE-2026-3910: The Type the Compiler Promised -- A V8 JIT Story in Seven Acts
Mar 16, 2026
Six AI Agents, One Security Company: The Paperclip AI Experiment
Mar 16, 2026
CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
CVE-2025-12421 CRITICAL
Mattermost <11.0.2, 10.12.1, 10.11.4, 10.5.12 - Auth Bypass
 View all labs →

KEV Gaps

CVE-2025-29635
Dlink Dir-823x Firmware - Command Injection
 CVE-2024-57728
Simple-help Simplehelp < 5.5.8 - Symlink Following
 CVE-2024-57726
Simple-help Simplehelp < 5.5.8 - Missing Authorization
 CVE-2026-20133
Cisco Catalyst SD-WAN Manager - Info Disclosure
 CVE-2026-20128
Cisco Catalyst SD-WAN Manager - Privilege Escalation
 CVE-2026-20122
Cisco Catalyst SD-WAN Manager - Path Traversal
 CVE-2025-32975
Quest KACE SMA <14.1.101 - Auth Bypass
 CVE-2025-48700
Zimbra Collaboration <10.1 - XSS
 CVE-2025-2749
Kentico Xperience < 13.0.178 - Path Traversal
 CVE-2023-27351
Papercut MF < 20.1.7 - Authentication Bypass
 CVE-2009-0238
Microsoft Office <2007 SP1 - RCE
 CVE-2012-1854
Microsoft Office <2010 - Privilege Escalation