[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":129,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":136,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":142,"vulnerability-27174":149},[4,15,20,28,34,41,46,53,58,65,70,77,83,93,100,105,110,116,121],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting (A-B test)","compliance-advanced-pentest-reporting-1","Stop piecing together reports manually. Upgrade today to unlock instant proof for audits.","https://pentest-tools.com/pricing",false,[11],"/features/advanced-pentest-reporting","Unlock audit-ready reports","primary",null,{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting","compliance-advanced-pentest-reporting","Prove your compliance. Get built-in validation with audit-ready reports.",[11],{"title":21,"slug":22,"text":23,"link":8,"external":9,"targets":24,"cta":26,"variant":27,"campaign_id":14},"Compliance - Integrations (A-B test)","compliance-integrations-1","Disconnected tools will fail your next audit. Unlock the integrations needed for compliance.",[25],"/features/integrations","Connect your stack","secondary",{"title":29,"slug":30,"text":31,"link":8,"external":9,"targets":32,"cta":33,"variant":13,"campaign_id":14},"Compliance - Integrations","compliance-integrations","Disconnected tools hide compliance breaches. Stay audit-ready 24/7 with the right integrations.",[25],"Automate your compliance",{"title":35,"slug":36,"text":37,"link":8,"external":9,"targets":38,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier (A-B test)","compliance-ml-classifier-1","Ghost vulnerabilities drain time and chip your compliance. Upgrade to WebNetSec to stay audit-ready with 50% fewer FPs.",[39],"/features/machine-learning-classifier","Explore WebNetSec",{"title":42,"slug":43,"text":44,"link":8,"external":9,"targets":45,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier","compliance-ml-classifier","Put compliance on Auto this year with 50% fewer FPs. Go deeper with the WebNetSec plan.",[39],{"title":47,"slug":48,"text":49,"link":8,"external":9,"targets":50,"cta":52,"variant":13,"campaign_id":14},"Compliance - Pentest Robots (A-B test)","compliance-pentest-robots-1","Don’t leave compliance to chance - deploy Pentest Robots to quickly automate your audit readiness.",[51],"/features/pentest-robots","Automate continuous scans",{"title":54,"slug":55,"text":56,"link":8,"external":9,"targets":57,"cta":52,"variant":13,"campaign_id":14},"Compliance - Pentest Robots","compliance-pentest-robots","Put compliance on Auto with Pentest Robots. Available with any plan.",[51],{"title":59,"slug":60,"text":61,"link":8,"external":9,"targets":62,"cta":64,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter (A-B test)","compliance-sniper-auto-exploiter-1","Deliver audit-ready proof instantly and stay compliant 24/7/365 - only with Sniper: Auto-Exploiter. Available with Pentest Suite.",[63],"/exploit-helpers/sniper","Get proof with Pentest Suite",{"title":66,"slug":67,"text":68,"link":8,"external":9,"targets":69,"cta":64,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter","compliance-sniper-auto-exploiter","Get audit-ready proof and put compliance on Auto with our proprietary Sniper: Auto-exploiter. Available with Pentest Suite.",[63],{"title":71,"slug":72,"text":73,"link":8,"external":9,"targets":74,"cta":76,"variant":13,"campaign_id":14},"Compliance - Website Scanner (A-B test)","compliance-website-scanner-1","Web vulnerabilities let in devastating compliance fines. Stay audit-ready with deep, proprietary scans. Available with the WebNetSec plan.",[75],"/website-vulnerability-scanning/website-scanner","Upgrade to WebNetSec",{"title":78,"slug":79,"text":80,"link":8,"external":9,"targets":81,"cta":82,"variant":13,"campaign_id":14},"Compliance - Website Scanner","compliance-website-scanner","Prove real risk instantly and put compliance on Auto with the Website Scanner. Available with the WebNetSec plan.",[75],"Unlock AppSec compliance",{"title":84,"slug":85,"text":86,"link":87,"external":88,"targets":89,"cta":91,"variant":27,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[90],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","nginx-rift",{"title":94,"slug":95,"text":96,"link":8,"external":88,"targets":97,"cta":99,"variant":13,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 - Homepage","nginx-rift-homepage","🚨 Detection for NGINX Rift (CVE-2026-42945) now live. Are you exposed?",[98],"/","Find out with any plan",{"title":101,"slug":102,"text":96,"link":8,"external":88,"targets":103,"cta":99,"variant":13,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 - Network Scanner","nginx-rift-network-scanner",[104],"/network-vulnerability-scanning/network-security-scanner-online",{"title":106,"slug":107,"text":96,"link":8,"external":88,"targets":108,"cta":99,"variant":13,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 - Port Scanner","nginx-rift-port-scanner",[109],"/network-vulnerability-scanning/port-scanner-online-nmap",{"title":111,"slug":112,"text":113,"link":87,"external":88,"targets":114,"cta":91,"variant":27,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 - VulnDB Index","nginx-rift-vulndb","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[115],"/vulnerabilities-exploits",{"title":117,"slug":118,"text":113,"link":87,"external":88,"targets":119,"cta":91,"variant":27,"campaign_id":92},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog",[120],"/blog",{"title":122,"slug":123,"text":124,"link":125,"external":88,"targets":126,"cta":128,"variant":27,"campaign_id":123},"Office hours #5 - Dragos & Radu","office-hours-5","Office Hours, May 27: AI coding vs. security validation. Join the live discussion.","https://zoom.us/webinar/register/4517794640514/WN_1WYk4PoXTci8uZ2J9lo-ng",[98,75,127,104],"/information-gathering/find-subdomains-of-domain","Save your spot",["Island",130],{"key":131,"params":132,"result":134},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":133},"{}",{"head":135},{},["Island",137],{"key":138,"params":139,"result":140},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":133},{"head":141},{},["Island",143],{"key":144,"params":145,"result":147},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":146},"{\"text-color\":\"gray\"}",{"head":148},{},{"id":150,"detectable_with":151,"vuln_details":158,"vuln_id":175,"name":176,"published":177,"updated":14},27174,{"tool":152,"engine":155},{"id":153,"name":154},1,"Network Scanner",{"id":156,"name":157},2,"Nuclei",{"id":150,"codename":14,"description":14,"severity":159,"risk_description":160,"public_description":161,"public_recommendation":162,"recommendation":14,"references":163,"cvssv3":169,"epss_score":170,"epss_percentile":171,"cve":172,"in_cisa_catalog":9,"date":174,"software_type":14,"vendor":14,"product":14,"ptt_exploit_capabilities":14},"critical","Unauthenticated attackers can install and activate arbitrary WordPress plugins, potentially achieving remote code execution if a vulnerable plugin is installed and activated on the target site.","The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.","Update Hunk Companion plugin to a version later than 1.8.4 that implements proper capability checks on the /wp-json/hc/v1/themehunk-import REST API endpoint.",[164,165,166,167,168],"https://wordpress.org/plugins/hunk-companion/","https://www.wordfence.com/threat-intel/vulnerabilities/id/9c101fca-037c-4bed-9dc7-baa021a8b59c?source=cve","https://github.com/iSee857/CVE-PoC/blob/main/WordPress_Hunk_Companion(CVE-2024-9707).py","https://github.com/RandomRobbieBF/CVE-2024-9707","https://nvd.nist.gov/vuln/detail/CVE-2024-9707",9.8,0.90276,0.99608,[173],"CVE-2024-9707","2024-10-11T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2024-9707","Hunk Companion \u003C= 1.8.4 - Arbitrary Plugin Installation","2025-05-31T00:00:00Z"]