[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"vulnerability-2916":55,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":87},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},{"id":56,"detectable_with":57,"vuln_details":64,"vuln_id":84,"name":85,"published":86,"updated":65},2916,{"tool":58,"engine":61},{"id":59,"name":60},1,"Network Scanner",{"id":62,"name":63},2,"Nuclei",{"id":56,"codename":65,"description":65,"severity":66,"risk_description":67,"public_description":68,"public_recommendation":69,"recommendation":65,"references":70,"cvssv3":77,"epss_score":78,"epss_percentile":79,"cve":80,"in_cisa_catalog":82,"date":83,"software_type":65,"vendor":65,"product":65,"ptt_exploit_capabilities":65},null,"critical","The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.","WordPress Kaswara Modern VC Addons plugin through 3.0.1 is susceptible to an arbitrary file upload. The plugin allows unauthenticated arbitrary file upload via the uploadFontIcon AJAX action, which can be used to obtain code execution. The supplied zipfile is unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.","Update to the latest version of Kaswara Modern VC Addons plugin (>=3.0.2) to mitigate this vulnerability.",[71,72,73,74,75,76],"https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5","https://github.com/advisories/GHSA-wqvg-8q49-hjc7","https://www.wordfence.com/blog/2021/04/psa-remove-kaswara-modern-wpbakery-page-builder-addons-plugin-immediately/","https://www.waltermairena.net/en/2021/04/25/0-day-vulnerability-in-the-plugin-kaswara-modern-vc-addons-plugin-what-can-i-do/","https://lifeinhex.com/kaswara-exploit-or-how-much-wordfence-cares-about-user-security/","https://nvd.nist.gov/vuln/detail/CVE-2021-24284",9.8,0.4214,0.98517,[81],"CVE-2021-24284",false,"2021-05-14T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2021-24284","WordPress Kaswara Modern VC Addons \u003C=3.0.1 - Arbitrary File Upload","2023-07-04T00:00:00Z",["Island",88],{"key":89,"params":90,"result":92},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":91},"{\"text-color\":\"gray\"}",{"head":93},{}]