Lucene search
K

2686 matches found

Cvelist
Cvelist
added 2026/06/16 8:57 p.m.22 views

CVE-2025-69131 WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS0.00467EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.24 views

PT-2026-50082

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS5.2AI score0.00467EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36941

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.14 views

CVE-2026-49061

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.10 views

CVE-2026-39489

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.7 views

CVE-2026-49061 WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS5.2AI score0.00362EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.25 views

CVE-2026-49061

CVE-2026-49061 : Unauthenticated arbitrary file download in the WordPress plugin WPC Product Options for WooCommerce (versions

7.5CVSS5.2AI score0.00362EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.8 views

EUVD-2026-36870

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS5.2AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.31 views

CVE-2026-49061 WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS0.00362EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.15 views

CVE-2026-39489

The CVE-2026-39489 entry details a vulnerability in WordPress Download Monitor plugin versions

4.4CVSS5.2AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.28 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 p.m.38 views

CVE-2016-20081 WordPress Plugin HB Audio Gallery Lite 1.0.0 Path Traversal File Download

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the filepath parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acces...

8.7CVSS0.00641EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 12:0 p.m.15 views

CVE-2016-20076

WordPress Simple-Backup 2.7.11 is affected by multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files via the delete_backup_file and download_backup_file parameters in tools.php. The issue arises from insufficient input validation and d...

8.7CVSS5.5AI score0.00601EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:4 a.m.13 views

CVE-2026-34026 Path traversal in Wertheim SafeController Software allows authenticated users to download arbitrary files

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

7.1CVSS5.4AI score0.00394EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49500

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS5.2AI score0.00362EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49383

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.18 views

PT-2026-49197

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

7.1CVSS5.4AI score0.00394EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49219

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the file path parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acce...

8.7CVSS5.3AI score0.00641EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/06/12 11:32 a.m.10 views

WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Bonds in WordPress Plugin WordPress & WooCommerce Scraper Plugin, Import Data from Any Site versions = 1.0.7...

7.5CVSS5.3AI score0.00467EPSS
Exploits0Affected Software1
Rows per page
Query Builder