We have discovered 848,787 live websites that are affected by CWE-287.
United States | 256,120 websites |
Germany | 105,982 websites |
France | 59,615 websites |
GB | 28,055 websites |
Poland | 26,854 websites |
Russia | 25,219 websites |
Spain | 24,068 websites |
Brazil | 22,802 websites |
Netherlands | 21,154 websites |
Italy | 20,322 websites |
.com | 332,280 websites |
.de | 47,269 websites |
.org | 34,168 websites |
.com.br | 31,074 websites |
.pl | 21,891 websites |
.fr | 21,069 websites |
.nl | 20,988 websites |
.ru | 20,458 websites |
.co.uk | 19,886 websites |
.it | 17,918 websites |
Discovered | CVE | Description | Websites |
---|---|---|---|
Jan, 2025 | CVE-2024-12585 | PropertyHive < 2.1.1 - Reflected XSS | 1,083 |
Dec, 2024 | CVE-2024-10111 | OAuth Single Sign On – SSO (OAuth Client) <= 6.26.3 - Authentication Bypass | 15 |
Dec, 2024 | CVE-2024-11015 | Sign In With Google <= 1.8.0 - Authentication Bypass in authenticate_user | 377 |
Dec, 2024 | CVE-2024-47761 | GLPI vulnerable to account takeover via the password reset feature | 7 |
Nov, 2024 | CVE-2024-52518 | Nextcloud Server is missing password confirmation when changing external storage options | 140 |
Nov, 2024 | CVE-2024-9946 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.13.68 - Authentication Bypass | 7,477 |
Nov, 2024 | CVE-2024-10020 | Heateor Social Login WordPress <= 1.1.35 - Authentication Bypass | 118 |
Nov, 2024 | CVE-2024-10114 | Social Login - WordPress / WooCommerce Plugin <= 2.7.7 - Authentication Bypass | 326 |
Oct, 2024 | CVE-2024-9947 | ProfilePress - Pro <= 4.11.1 - Authentication Bypass | 11,984 |
Oct, 2024 | CVE-2024-45115 | Adobe Commerce | Improper Authentication (CWE-287) | 70 |
Discovered | CVE | Description | Websites |
---|---|---|---|
Apr, 2024 | CVE-2023-47504 | WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability | 692,849 |
Sep, 2024 | CVE-2024-7870 | PixelYourSite – Your smart PIXEL (TAG) & API Manager <= 9.7.1 and PixelYourSite PRO <= 10.4.2 - Unauthenticated Information Exposure and Log Deletion | 82,547 |
Dec, 2023 | CVE-2023-6203 | The Events Calendar < 6.2.8.1 - Unauthenticated Arbitrary Password Protected Post Read | 42,838 |
Oct, 2024 | CVE-2024-9947 | ProfilePress - Pro <= 4.11.1 - Authentication Bypass | 11,984 |
May, 2023 | CVE-2023-32243 | WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation | 7,576 |
Jul, 2024 | CVE-2024-6695 | profile-builder <= 3.11.8 - Unauthenticated Privilege Escalation | 7,503 |
Nov, 2024 | CVE-2024-9946 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.13.68 - Authentication Bypass | 7,477 |
Feb, 2021 | CVE-2021-21308 | Improper session management for soft logout | 4,514 |
Apr, 2024 | CVE-2024-1526 | Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access | 4,219 |
Jul, 2020 | CVE-2020-4074 | Improper Authentication | 4,159 |
Domain | Country | Rank | Contacts |
---|---|---|---|
*****.com | United States | *** | |
****.*******.org | United States | *,*** | |
***********.com | United States | *,*** | |
*******.net | Germany | *,*** | |
***********.com | United States | *,*** | |
***.cz | Czech Republic | *,*** | |
*************************.com | United States | *,*** | |
********.com | United States | *,*** | |
******.com | United States | *,*** | |
************.com | United States | *,*** |