bug-bounty507
xss274
rce154
google122
bragging-post119
account-takeover115
facebook111
privilege-escalation101
exploit98
malware97
authentication-bypass95
open-source94
microsoft90
csrf87
access-control78
stored-xss75
cve73
ai-agents67
web-security66
reflected-xss63
phishing60
information-disclosure52
input-validation52
sql-injection51
smart-contract49
privacy49
cross-site-scripting48
ssrf48
defi48
tool46
reverse-engineering46
ethereum46
writeup45
api-security45
ai-security41
apple40
vulnerability-disclosure40
web-application38
llm38
opinion37
burp-suite37
automation36
web336
responsible-disclosure35
credential-theft35
remote-code-execution34
supply-chain34
race-condition34
browser33
infrastructure33
0
3/10
An unauthenticated SQL injection vulnerability in the Elementor Ally WordPress plugin (400k+ installations) allows attackers to steal sensitive data without requiring authentication.
Elementor
Ally
WordPress