Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.123 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.123

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution CVE-2025-13486	Network Scanner	Dec 15, 2025	Critical(9.8)	0.01	0.56	No
WordPress Coming Soon Page - Full Path Disclosure	Network Scanner	Dec 15, 2025	Low	N/A	N/A	No
WordPress Astra - Full Path Disclosure	Network Scanner	Dec 15, 2025	Low	N/A	N/A	No
Ambassador API Gateway Diagnostics - Exposure	Network Scanner	Dec 15, 2025	Medium	N/A	N/A	No
WordPress Shortcodes Ultimate <= 5.0.0 - Authenticated Remote Code Execution CVE-2017-18580	Network Scanner	Dec 15, 2025	High(8.8)	0.09	0.93	No
Limit Login Attempts - Stored Cross-Site Scripting CVE-2022-1029	Network Scanner	Dec 15, 2025	Medium(4.8)	0.01	0.54	No
WordPress Solid Security < 9.0.1 - Unauthenticated Login Page Disclosure	Network Scanner	Dec 15, 2025	Medium	N/A	N/A	No
WordPress Plugin Max Mega Menu (megamenu) - Full Path Disclosure	Network Scanner	Dec 15, 2025	Low	N/A	N/A	No
WordPress WP-PageNavi - Full Path Disclosure	Network Scanner	Dec 15, 2025	Low	N/A	N/A	No
WordPress All in One SEO Pack - Full Path Disclosure	Network Scanner	Dec 14, 2025	Low	N/A	N/A	No
WordPress ManageWP Worker - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
Advanced Custom Fields (ACF) - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
WordPress Plugin Google Tag Manager - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
WordPress Plugin Newsletter - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
WordPress Plugin reCaptcha by BestWebSoft (google-captcha) - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
Limit Login Attempts WordPress - Stored Cross-site Scripting CVE-2021-24657	Network Scanner	Dec 13, 2025	Medium(6.1)	0.04	0.88	No
React Server Components - Denial of Service CVE-2025-55184	Network Scanner	Dec 13, 2025	High(7.5)	0.03	0.87	No
WordPress Plugin SG Optimizer - Full Path Disclosure	Network Scanner	Dec 13, 2025	Low	N/A	N/A	No
WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure	Network Scanner	Dec 12, 2025	Low	N/A	N/A	No
WordPress Easy Google Fonts - Error Log Disclosure	Network Scanner	Dec 12, 2025	Low	N/A	N/A	No
.buildpath - File Disclosure	Network Scanner	Dec 12, 2025	Low	N/A	N/A	No
WordPress Importer - Error Log Disclosure	Network Scanner	Dec 12, 2025	Low	N/A	N/A	No
XWiki - Information Disclosure CVE-2025-55749	Network Scanner	Dec 12, 2025	High(7.5)	0.02	0.82	No
Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution CVE-2025-34299	Network Scanner	Dec 12, 2025	Critical(9.8)	0.56	0.98	No
Nexus Repository Manager - Anonymous Access Enabled	Network Scanner	Dec 11, 2025	Medium	N/A	N/A	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

50,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove