Lucene search
K

388 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.8 views

CVE-2026-57753

Unauthenticated Sensitive Data Exposure in Kit formerly ConvertKit for WooCommerce = 2.1.5 versions...

5.3CVSS0.00206EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 8:52 a.m.6 views

WordPress Kit (formerly ConvertKit) for WooCommerce plugin <= 2.1.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Kit formerly ConvertKit for WooCommerce versions = 2.1.6...

5.3CVSS5.9AI score0.00206EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.9 views

PT-2026-55041

Name of the Vulnerable Software and Affected Versions Kit formerly ConvertKit for WooCommerce versions prior to 2.1.6 Description An unauthenticated sensitive data exposure issue exists in the plugin, allowing unauthorized users to access confidential information without providing credentials...

5.3CVSS5.9AI score0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/06/19 5:16 p.m.11 views

CVE-2017-20276

Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. Attackers can send GET requests to index.php with the option=comsimgenealogy, view=latest parameters...

8.8CVSS0.00237EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:19 p.m.10 views

CVE-2025-69177

Unauthenticated Local File Inclusion in Roneous = 2.1.5 versions...

8.1CVSS0.00474EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.21 views

CVE-2025-69177

CVE-2025-69177 refers to an Unauthenticated Local File Inclusion in the WordPress Roneous theme ≤ 2.1.5. The vulnerability arises from Local File Inclusion in the Roneous theme, enabling an attacker to access restricted files without authentication. The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:...

8.1CVSS5.1AI score0.00474EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36957

Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 8:18 p.m.10 views

CVE-2026-39524

CVE-2026-39524 affects the WordPress Masteriyo LMS plugin &lt;= 2.1.5. The vulnerability is described as Unauthenticated Broken Access Control, enabling a payment bypass vulnerability without authentication. CVSS 3.1 base score 7.5 (HIGH) with NETWORK attack vector, LOW attack complexity, and no ...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49396

Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 8:16 p.m.17 views

CVE-2026-27331

Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5...

6.3CVSS0.00157EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 7:29 p.m.9 views

CVE-2026-27331

Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 7:29 p.m.12 views

EUVD-2026-31961

Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/30 6:30 p.m.12 views

Krayin CRM allows a remote attacker to execute arbitrary code via compose email function

An issue in Krayin CRM v.2.1.5, which was fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...

8.1CVSS6.2AI score0.00567EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.12 views

Webkul Krayin CRM 代码注入漏洞

Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses developed by the Indian company Webkul. Version 2.1.5 of Webkul Krayin CRM contains a code injection vulnerability, which stems from issues with the compose email function. This vulnerability could allo...

8.1CVSS6.2AI score0.00567EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.7 views

CVE-2026-36340

An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...

6AI score0.00567EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36116

An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...

8.1CVSS6AI score0.00567EPSS
Exploits1References4
Patchstack
Patchstack
added 2026/04/08 12:54 p.m.8 views

WordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerability

WordPress Masteriyo - LMS plugin = 2.1.5 - Payment Bypass vulnerability discovered by davidfdzmorilla in WordPress Plugin Masteriyo - LMS versions = 2.1.5...

5.8AI score0.00246EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 5:4 p.m.3 views

CVE-2026-25380

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes Feedy feedy allows PHP Local File Inclusion.This issue affects Feedy: from n/a through 2.1.5...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 4:58 p.m.2 views

CVE-2026-33438 Stirling-PDF vulnerable to DoS via add-watermark

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service DoS vulnerability in the Stirling-PDF watermark functionality /api/v1/security/add-watermark endpoint. The vulnerabilit...

6.5CVSS5.8AI score0.00398EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.15 views

PT-2026-28483

Name of the Vulnerable Software and Affected Versions Stirling-PDF versions 2.1.5 through 2.5.1 Description Stirling-PDF is a locally hosted web application for PDF file operations. An authenticated user can trigger a Denial of Service DoS condition by submitting extreme values for the fontSize a...

6.5CVSS5.9AI score0.00398EPSS
Exploits1References4
Rows per page
Query Builder