Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28891

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00462EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28890

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/20 6:39 a.m.4 views

CVE-2025-9202 ColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation

The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS6.7AI score0.0022EPSS
Exploits0References3
CNVD
CNVD
added 2022/04/19 12:0 a.m.18 views

WordPress plugin Access Demo Importer cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Access Demo Importer 1.0.7 and earlier versions are vulnerable to cross-site request...

4.3CVSS3.5AI score0.00474EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/04/18 5:15 p.m.5 views

CVE-2022-23976

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to reset all data posts / pages / media...

8.1CVSS5.8AI score0.00462EPSS
Exploits0References2
OSV
OSV
added 2022/04/18 5:15 p.m.3 views

CVE-2022-23975

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to activate any installed plugin...

6.5CVSS5.8AI score0.00474EPSS
Exploits0References2
NVD
NVD
added 2022/04/18 5:15 p.m.17 views

CVE-2022-23976

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to reset all data posts / pages / media...

8.1CVSS0.00462EPSS
Exploits0References2
NVD
NVD
added 2022/04/18 5:15 p.m.22 views

CVE-2022-23975

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to activate any installed plugin...

6.5CVSS0.00474EPSS
Exploits0References2
Prion
Prion
added 2022/04/18 5:15 p.m.13 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to activate any installed plugin...

4.3CVSS6.5AI score0.00474EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/18 4:20 p.m.5 views

CVE-2022-23976 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to reset all data posts / pages / media...

8.1CVSS8.2AI score0.00462EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/04/18 4:20 p.m.25 views

CVE-2022-23976 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to reset all data posts / pages / media...

8.1CVSS8.4AI score0.00462EPSS
Exploits0References2
CVE
CVE
added 2022/04/18 4:20 p.m.83 views

CVE-2022-23976

CVE-2022-23976 describes a CSRF vulnerability in the WordPress plugin Access Demo Importer

8.1CVSS8.2AI score0.00462EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/18 4:20 p.m.25 views

CVE-2022-23975 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Plugin Activation

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to activate any installed plugin...

6.5CVSS6.8AI score0.00474EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/18 12:0 a.m.6 views

WordPress plugin Access Demo Importer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.1CVSS7.6AI score0.00462EPSS
Exploits0References3
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.28 views

WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)

Cross-Site Request Forgery CSRF vulnerability leading to Data Reset Posts / Pages / Media discovered by Ex.Mi Patchstack in WordPress Access Demo Importer plugin versions = 1.0.7. Solution Update the WordPress Access Demo Importer plugin to the latest available version at least 1.0.8...

8.1CVSS4.4AI score0.00462EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2022/01/24 12:0 a.m.19 views

Access Demo Importer < 1.0.8 - Arbitrary Plugin Activation via CSRF

The plugin does not have CSRF check in place when activating installed plugins, which could allow an attacker to make a logged in admin perform such action via a CSRF attack...

6.5CVSS4.8AI score0.00474EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/01/24 12:0 a.m.23 views

WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Plugin Activation

Cross-Site Request Forgery CSRF vulnerability leading to Arbitrary Plugin Activation discovered by Ex.Mi Patchstack in WordPress Access Demo Importer plugin versions = 1.0.7. Solution Update the WordPress Access Demo Importer plugin to the latest available version at least 1.0.8...

6.5CVSS5.2AI score0.00474EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.8 views

WordPress 代码问题漏洞

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. uninstall is one of the plugins used to completely uninstall WordPress. WordPress Plugin A code issue exists due to a missin...

8.8CVSS7.8AI score0.01652EPSS
Exploits2References6
Wordfence Blog
Wordfence Blog
added 2021/10/06 4:43 p.m.41 views

High Severity Vulnerability Patched in Access Demo Importer Plugin

Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On August 9, 2021, the Wordfence Threat Intelligence team attempted to initiate the responsible disclosure process for a vulnerability that we discovered in...

6.5CVSS8.9AI score0.01652EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2021/10/06 12:0 a.m.20 views

Access Demo Importer < 1.0.7 - Subscriber+ Arbitrary File Upload

Versions up to, and including, 1.0.6, of the Access Demo Importer WordPress plugin are vulnerable to arbitrary file uploads via the pluginofflineinstaller AJAX action due to a missing capability check in the pluginofflineinstallercallback functionfound in the /inc/demo-functions.php file along wi...

8.8CVSS1.7AI score0.01652EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder