Lucene search
K

64 matches found

CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

WordPress plugin ARPrice SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

8.5CVSS8.8AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.7 views

WordPress plugin ARPrice 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

8.8CVSS8.5AI score0.0076EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.13 views

PT-2025-2843

Name of the Vulnerable Software and Affected Versions ARPrice versions n/a through 4.0.3 Description The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables attackers to inject malicious...

7.1CVSS8.7AI score0.00297EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.5 views

PT-2025-2840 · Arprice · Arprice

Name of the Vulnerable Software and Affected Versions: NotFound ARPrice versions n/a through 4.0.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for the injection of SQL code, potentially...

8.5CVSS9.8AI score0.00353EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

WordPress plugin ARPrice 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

9.8CVSS8.4AI score0.00443EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.4 views

PT-2025-2841 · Arprice · Arprice

Name of the Vulnerable Software and Affected Versions: ARPrice versions n/a through 4.0.3 Description: The issue is related to the deserialization of untrusted data, which allows object injection in the ARPrice software. This problem can be exploited via the deserialization of untrusted data,...

9.8CVSS9.8AI score0.00443EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

WordPress plugin ARPrice SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

9.3CVSS8.9AI score0.00345EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.5 views

WordPress plugin ARPrice 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

7.1CVSS7.7AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.22 views

PT-2025-2842 · Arprice · Arprice

Name of the Vulnerable Software and Affected Versions: ARPrice versions n/a through 4.0.3 Description: The issue is related to the deserialization of untrusted data, which allows object injection in NotFound ARPrice. Recommendations: For versions n/a through 4.0.3, at the moment, there is no...

8.8CVSS9.6AI score0.0076EPSS
Exploits3References5
Packet Storm
Packet Storm
added 2025/01/14 12:0 a.m.195 views

WordPress ARPrice 4.0.3 PHP Object Injection

WordPress ARPrice plugin versions 4.0.3 and below suffer from an authenticated PHP object injection vulnerability. CVE-2024-49699 ARPrice = 4.0.3 - Authenticated Subscriber+ PHP Object Injection Description The ARPrice plugin for WordPress is vulnerable to PHP Object Injection in versions up to,...

8.8CVSS9AI score0.0076EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/10 4:15 p.m.85 views

Exploit for CVE-2024-49699

CVE-2024-49699 ARPrice...

8.8CVSS7.7AI score0.0076EPSS
Exploits3
Patchstack
Patchstack
added 2025/01/03 3:13 p.m.5 views

WordPress ARPrice plugin <= 4.1.3 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...

9.3CVSS8.1AI score0.00345EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/03 3:12 p.m.4 views

WordPress ARPrice plugin <= 4.1.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...

8.5CVSS8.1AI score0.00353EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/03 3:10 p.m.3 views

WordPress ARPrice plugin <= 4.1.3 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...

9.8CVSS7.3AI score0.00443EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/03 2:56 p.m.5 views

WordPress ARPrice plugin <= 4.1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...

7.1CVSS6.1AI score0.00297EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/03 2:9 p.m.6 views

WordPress ARPrice plugin <= 4.1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...

8.8CVSS7.3AI score0.0076EPSS
Exploits3Affected Software1
Cvelist
Cvelist
added 2022/05/16 2:30 p.m.21 views

CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...

10AI score0.13256EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.5 views

The vulnerability of the ARPrice Lite plugin of the WordPress content management system allows a hacker to perform a CSRF attack.

The vulnerability of the ARPrice Lite plugin of the WordPress content management system is related to insufficient protection when entering CSRF requests. Exploiting this vulnerability can allow a remote attacker to execute a CSRF attack...

7.8CVSS6.7AI score0.00685EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2019/08/12 12:0 a.m.7 views

WordPress ARPrice Lite plugin cross-site request forgery vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the core/views/arpriceimportexport.php file in version 2.2 of the WordPr...

6.5CVSS6.8AI score0.00685EPSS
Exploits1References1
NVD
NVD
added 2019/08/08 8:15 p.m.17 views

CVE-2019-14679

core/views/arpriceimportexport.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arpliteimportexport CSRF...

6.5CVSS6.6AI score0.00685EPSS
Exploits1References2
Rows per page
Query Builder