[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":55,"vulnerability-1503":62},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},["Island",56],{"key":57,"params":58,"result":60},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":59},"{\"text-color\":\"gray\"}",{"head":61},{},{"id":63,"detectable_with":64,"vuln_details":71,"vuln_id":88,"name":89,"published":90,"updated":72},1503,{"tool":65,"engine":68},{"id":66,"name":67},1,"Network Scanner",{"id":69,"name":70},2,"Nuclei",{"id":63,"codename":72,"description":72,"severity":73,"risk_description":74,"public_description":75,"public_recommendation":76,"recommendation":72,"references":77,"cvssv3":81,"epss_score":82,"epss_percentile":83,"cve":84,"in_cisa_catalog":86,"date":87,"software_type":72,"vendor":72,"product":72,"ptt_exploit_capabilities":72},null,"medium","High-privilege authenticated attackers (admin) can inject stored XSS through plugin settings fields, potentially compromising other administrator accounts even when unfiltered_html capability is disabled in WordPress multisite environments.","The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).","Update SEO by 10Web plugin to version 1.2.7 or later that properly sanitizes and escapes settings fields to prevent stored XSS attacks.",[78,79,80],"https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992","https://packetstormsecurity.com/files/173725/WordPress-Seo-By-10Web-Cross-Site-Scripting.html","https://nvd.nist.gov/vuln/detail/CVE-2023-2224",4.8,0.00909,0.55418,[85],"CVE-2023-2224",false,"2023-06-05T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2023-2224","Seo By 10Web \u003C 1.2.7 - Cross-Site Scripting","2023-10-06T00:00:00Z"]