Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.3 views

CVE-2025-68882

Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.3...

7.5CVSS5.3AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/31 3:1 p.m.25 views

CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in nikmelnik Realbig realbig-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through = 1.1.3...

5.3CVSS0.00176EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.4 views

PT-2025-5431 · Bplugins · Bplugins All Embed – Elementor Addons

Name of the Vulnerable Software and Affected Versions: bPlugins All Embed – Elementor Addons versions 1.1.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means an attacker can...

6.5CVSS6.3AI score0.00354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.4 views

PT-2025-5462 · WordPress · Orbisius Simple Notice

Name of the Vulnerable Software and Affected Versions: Orbisius Simple Notice versions 1.1.3 and earlier Description: The issue affects the Orbisius Simple Notice plugin, allowing Stored XSS due to improper neutralization of input during web page generation. This can lead to cross-site scripting...

5.9CVSS5.5AI score0.00341EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/06/18 9:56 p.m.6 views

LicenseStore (=0.1.0), NT-anchor-lang (=0.19.0) +2866 more potentially affected by CVE-2024-58262 via curve25519-dalek (>=1.1.3 <=4.1.0)

curve25519-dalek CARGO version =1.1.3, =0.19.0, =0.4.1, =0.2.4, =0.13.0, =0.16.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0-beta.4, =0.2.0-beta.4, =0.13.0, =0.16.5, =0.16.7 and more Source cves: CVE-2024-58262 Source advisory: OSV:GHSA-X4GP-PQPJ-F43Q...

5.1CVSS5.7AI score0.00152EPSS
Exploits0
CNNVD
CNNVD
added 2024/04/26 12:0 a.m.3 views

WordPress theme Financio 跨站请求伪造漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A cross-site request forgery vulnerability exists in WordPress theme Financio version 1.1.3 and earlier...

4.3CVSS6.5AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.5 views

PT-2023-20616 · WordPress · Get Your Number Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Get your number WordPress plugin versions 1.1.3 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...

4.8CVSS7.9AI score0.00539EPSS
Exploits2References3
Rows per page
Query Builder