Lucene search
K

3976 matches found

Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.3 views

CVE-2025-59134 WordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

8.8CVSS6.6AI score0.00307EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:21 a.m.7 views

CVE-2025-58710

CVE-2025-58710 affects the WordPress e-plugins Hotel Listing plugin (hotel-listing component) up to version 1.4.0. Root cause: incorrect privilege assignment that allows privilege escalation. CVSS 3.1 base score 8.6 (HIGH), with confidentiality impact HIGH and other partial impacts. Remediation: ...

8.8CVSS6.6AI score0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.4 views

CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

8.8CVSS6.6AI score0.00307EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.27 views

CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

8.8CVSS0.00307EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.22 views

CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

7.2CVSS0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.2 views

CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

6.6AI score0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.3 views

CVE-2025-49379 WordPress Custom Fields Account Registration For Woocommerce plugin <= 1.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through = 1.2...

7.2CVSS6.6AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 12:34 a.m.6 views

EUVD-2023-60216

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

9.8CVSS6.6AI score0.00598EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin PostX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.2CVSS6.7AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin PenciDesign Soledad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

9.8CVSS6.7AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin Hotel Listing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

8.8CVSS6.7AI score0.00307EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52057

Name of the Vulnerable Software and Affected Versions e-plugins Hotel Listing versions through 1.4.0 Description An incorrect privilege assignment exists in the Hotel Listing plugin, potentially allowing privilege escalation. The issue is present in the hotel-listing component. Recommendations...

8.6CVSS6.7AI score0.00307EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52102

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

7AI score0.00307EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52051

Name of the Vulnerable Software and Affected Versions PostX versions through 4.1.35 Description An incorrect privilege assignment exists in WPXPO PostX ultimate-post, potentially allowing privilege escalation. Recommendations Update PostX to a version later than 4.1.35...

7.2CVSS6.7AI score0.0034EPSS
Exploits0References3
OSV
OSV
added 2025/12/17 11:15 p.m.2 views

CVE-2023-53914

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

9.3CVSS5.9AI score0.00598EPSS
Exploits1References3
NVD
NVD
added 2025/12/17 11:15 p.m.3 views

CVE-2023-53914

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

9.8CVSS0.00598EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 10:44 p.m.3 views

CVE-2023-53914 UliCMS 2023.1 Authentication Bypass via Mass Assignment Vulnerability

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

9.8CVSS6.7AI score0.00598EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/17 10:44 p.m.18 views

CVE-2023-53914 UliCMS 2023.1 Authentication Bypass via Mass Assignment Vulnerability

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

9.8CVSS0.00598EPSS
Exploits1References3
CVE
CVE
added 2025/12/17 10:44 p.m.11 views

CVE-2023-53914

CVE-2023-53914 affects UliCMS 2023.1. An authentication bypass exists due to mass assignment in the UserController, enabling unauthenticated attackers to create admin users by sending a crafted POST to the admin/index.php endpoint with specific parameters, yielding full system access. Root cause:...

9.8CVSS6.7AI score0.00598EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.3 views

UliCMS 安全漏洞

UliCMS is a content management system CMS open source by UliCMS. The system supports features such as access control and WYSIWYG editing. A security vulnerability exists in UliCMS version 2023.1, which stems from an improper bulk assignment in UserController that could lead to authentication bypa...

9.8CVSS6.8AI score0.00598EPSS
Exploits1References5
Rows per page
Query Builder