Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:45 a.m.5 views

CVE-2023-32585

Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...

7.5CVSS8.5AI score0.00799EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.5 views

CVE-2021-32585

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...

7.2CVSS6AI score0.00682EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/13 9:0 a.m.4 views

CVE-2025-32585

Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...

7.5CVSS7.2AI score0.00737EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:42 a.m.5 views

CVE-2025-32585 WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability

Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...

7.5CVSS8.6AI score0.00737EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.16 views

CVE-2025-32585 WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability

Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...

7.5CVSS0.00737EPSS
Exploits0References1
NVD
NVD
added 2024/12/13 3:15 p.m.18 views

CVE-2023-32585

Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...

7.5CVSS0.00799EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:23 p.m.14 views

CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...

7.5CVSS0.00799EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:23 p.m.44 views

CVE-2023-32585

CVE-2023-32585 relates to the WordPress plugin Portfolio Gallery – Responsive Image Gallery . The vulnerability is a Broken Access Control issue due to an missing authorization check that allowed unauthenticated users to exploit. Affected versions are v1.4.6 and earlier ; the issue is fixed in v1...

7.5CVSS8.5AI score0.00799EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/13 2:23 p.m.5 views

CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in totalsoft Portfolio Gallery gallery-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through = 1.4.6...

7.5CVSS6.9AI score0.00799EPSS
Exploits0References1
NVD
NVD
added 2024/04/18 10:15 a.m.11 views

CVE-2024-32585

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...

5.9CVSS7AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/18 9:12 a.m.25 views

CVE-2024-32585 WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...

5.9CVSS7.2AI score0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/18 9:12 a.m.17 views

CVE-2024-32585 WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...

7.1CVSS6.9AI score0.00338EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.10 views

WordPress Import Content in WordPress & WooCommerce with Excel Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Content in WordPress & WooCommerce with Excel Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32585 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 597c127e874d Credits...

7.1CVSS6.5AI score0.00338EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/11 12:0 a.m.11 views

WordPress Portfolio Gallery – Responsive Image Gallery Plugin <= 1.4.6 is vulnerable to Broken Access Control

Software Portfolio Gallery – Responsive Image Gallery Type Plugin Vulnerable versions = 1.4.6 Fixed in 1.4.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32585 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 46edb5a7cfb0 Credit...

6.3AI score0.00799EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2022/10/13 3:5 p.m.7 views

CVE-2022-32585

creationtimestamp| type| source ---|---|--- 2022-10-13 15:05:03+00:00| seen| https://t.me/truesecator/3558 2022-10-13 17:22:33+00:00| seen| https://t.me/icscert/629...

9.8CVSS8.5AI score0.02776EPSS
Exploits1References2
Talos Blog
Talos Blog
added 2022/10/12 7:33 p.m.50 views

Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...

7.5CVSS1.1AI score0.35165EPSS
Exploits12
CVE
CVE
added 2022/06/30 7:5 p.m.74 views

CVE-2022-32585

Robustel R1510 is affected by CVE-2022-32585 in the clish art2 functionality. TALOS details a pre-auth/administrative-login path where a specially crafted network request can trigger arbitrary command execution, via the art2 feature accessed through the clish console. The 9.1/9.1–9.8 CVSS data in...

9.8CVSS9.5AI score0.02776EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2022/04/06 8:30 p.m.7 views

CVE-2021-32585

creationtimestamp| type| source ---|---|--- 2022-04-06 20:30:24+00:00| seen| https://t.me/cibsecurity/40242...

7.2CVSS6AI score0.00682EPSS
Exploits0References1
CVE
CVE
added 2022/04/06 4:0 p.m.76 views

CVE-2021-32585

Fortinet FortiWAN (pre-4.5.9) is affected by CVE-2021-32585, a stored cross-site scripting (XSS) vulnerability caused by improper input neutralization during web page generation. The issue resides in the log viewer/web interface and can be triggered by specially crafted HTTP requests, allowing an...

7.2CVSS5.9AI score0.00682EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/06 4:0 p.m.16 views

CVE-2021-32585

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...

7.2CVSS6.8AI score0.00682EPSS
Exploits0References1
Rows per page
Query Builder