CVE-2026-4745

creationtimestamp| type| source ---|---|--- 2026-03-24 06:48:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhry7uvyye2f 2026-03-24 09:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116283331651758120 2026-03-24 09:00:31+00:00| seen|...

MINI-5RFP-W3R9-4745

Bulletin has no description...

CVE-2022-4745

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example...

CVE-2025-4745

A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file currentemployees.php. The manipulation of the argument employeedid/firstname/middlename/lastname leads to cross site scripting. It is possible to...

CVE-2025-4745

A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file currentemployees.php. The manipulation of the argument employeedid/firstname/middlename/lastname leads to cross site scripting. It is possible to...

CVE-2025-4745

A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file currentemployees.php. The manipulation of the argument employeedid/firstname/middlename/lastname leads to cross site scripting. It is possible to...

CVE-2025-4745

CVE-2025-4745 affects the code-projects Employee Record System 1.0 , specifically the file current_employees.php . The vulnerability arises from improper handling of the arguments employeed_id , first_name , middle_name , and last_name , leading to a cross-site scripting (XSS) condition. Exploita...

CVE-2025-4745 code-projects Employee Record System current_employees.php cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file currentemployees.php. The manipulation of the argument employeedid/firstname/middlename/lastname leads to cross site scripting. It is possible to...

CVE-2024-4745

Missing Authorization vulnerability in RafflePress Giveaways and Contests by RafflePress.This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.4...

CVE-2024-4745 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in RafflePress Giveaways and Contests by RafflePress.This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.4...

CVE-2024-4745

CVE-2024-4745 affects the WordPress plugin Giveaways and Contests by RafflePress (versions up to 1.12.4). It is a Missing Authorization vulnerability (broken access control) with limited documented impact in the provided sources. The CVSS indicates Network attack, Low confidentiality/integ/availa...

WordPress Giveaways and Contests by RafflePress Plugin <= 1.12.4 is vulnerable to Broken Access Control

Software Giveaways and Contests by RafflePress Type Plugin Vulnerable versions = 1.12.4 Fixed in 1.12.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4745 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 632d49d4c2a4 Credits...

CVE-2023-4745

creationtimestamp| type| source ---|---|--- 2023-09-04 07:22:25+00:00| seen| https://t.me/cibsecurity/69753...

CVE-2023-4745 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php sql injection

A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be...

CVE-2023-4745

CVE-2023-4745 concerns Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform (up to 20230822). Multiple sources confirm a vulnerability in the unknown functionality of /importexport.php that leads to SQL injection. The issue can be triggered remotely over the network and ...

CVE-2022-4745

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example...

CVE-2022-4745

The CVE-2022-4745 entry describes a CSRF weakness in the WP Customer Area WordPress plugin prior to version 8.1.4. The issue allows a logged-in attacker to trigger actions such as chmod, mkdir, and copy, potentially causing an admin to perform arbitrary folder creation or file copying. Public sou...

CVE-2022-4745 WP Customer Area < 8.1.4 - Unauthorised Actions via CSRF

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example...

CVE-2022-4745 WP Customer Area < 8.1.4 - Unauthorised Actions via CSRF

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example...

WordPress WP Customer Area Plugin < 8.1.4 is vulnerable to Remote Code Execution (RCE)

Software WP Customer Area Type Plugin Vulnerable versions 8.1.4 Fixed in 8.1.4 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2022-4745 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID fc8e26b37a92 Credits rezaduty Required privilege...