Lucene search
K

6 matches found

Cvelist
Cvelist
added 2025/09/05 4:18 p.m.15 views

CVE-2025-53571 WordPress HAPPY plugin <= 1.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.6...

6.5CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.10 views

PT-2025-36253

Name of the Vulnerable Software and Affected Versions: VillaTheme HAPPY versions n/a through 1.0.6 Description: A missing authorization issue exists in VillaTheme HAPPY, allowing exploitation due to incorrectly configured access control security levels. Recommendations: Update VillaTheme HAPPY to...

6.5CVSS6.4AI score0.00207EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.15 views

CVE-2025-49317 WordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in NTC WP Page Loading wp-page-loading allows Cross Site Request Forgery.This issue affects WP Page Loading: from n/a through = 1.0.6...

4.3CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 2024/12/18 12:15 p.m.7 views

CVE-2024-55983

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PowerFormBuilder PowerFormBuilder power-forms-builder allows SQL Injection.This issue affects PowerFormBuilder: from n/a through = 1.0.6...

8.5CVSS0.00376EPSS
Exploits0References1
OSV
OSV
added 2024/05/02 5:15 p.m.4 views

CVE-2024-2324

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers t...

5.4CVSS5.9AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/07 12:0 a.m.5 views

PT-2024-23987 · WordPress · Easy Login Styler

Name of the Vulnerable Software and Affected Versions: Easy Login Styler – White Label Admin Login Page for WordPress versions 1.0.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as cross-site scripting. This allows for...

5.9CVSS8.6AI score0.00339EPSS
Exploits0References3
Rows per page
Query Builder