Lucene search
K

63 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-61970

Server-Side Request Forgery SSRF vulnerability in Themeisle Auto Featured Image Auto Post Thumbnail auto-post-thumbnail allows Server Side Request Forgery.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through = 5.0.4...

4.9CVSS0.00119EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-61970

The CVE-2026-61970 entry concerns a Server-Side Request Forgery (SSRF) in the Themeisle Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Affected versions are <= 5.0.4 (reported as from n/a through

4.9CVSS6.1AI score0.00119EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-61970 WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 5.0.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Themeisle Auto Featured Image Auto Post Thumbnail auto-post-thumbnail allows Server Side Request Forgery.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through = 5.0.4...

4.9CVSS0.00119EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/16 6:58 p.m.6 views

WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery vulnerability

Authenticated Author+ Server-Side Request Forgery vulnerability discovered by Nex Team in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.1.7...

6.4CVSS5.5AI score0.0026EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.5 views

CVE-2025-13794

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS5.1AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 6:15 a.m.6 views

CVE-2025-13794

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00293EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/16 5:25 a.m.2 views

CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS4.7AI score0.00293EPSS
Exploits0References3
CVE
CVE
added 2025/12/16 5:25 a.m.8 views

CVE-2025-13794

CVE-2025-13794 affects the Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Versions up to and including 4.2.1 are vulnerable due to a missing capability check in bulk_action_generate_handler, enabling an authenticated user with Contributor-level access or higher to delete or generate ...

4.3CVSS4.7AI score0.00293EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/16 5:25 a.m.36 views

CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00293EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/16 12:37 a.m.7 views

WordPress Auto Featured Image plugin <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability

Missing Authorization to Authenticated Contributor+ Post Thumbnail Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.2.1...

4.3CVSS6.7AI score0.00293EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51372

Name of the Vulnerable Software and Affected Versions Auto Featured Image Auto Post Thumbnail plugin for WordPress versions through 4.2.1 Description The Auto Featured Image Auto Post Thumbnail plugin for WordPress has a flaw that allows unauthorized modification of data. A missing capability che...

4.3CVSS6.2AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.5 views

WordPress plugin Auto Featured Image (Auto Post Thumbnail) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.3AI score0.00293EPSS
Exploits0References2
CNVD
CNVD
added 2025/10/31 12:0 a.m.4 views

WordPress Plugin Auto Featured Image Server-Side Request Forgery Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A server-side request forgery vulnerability exists in the WordPress plugin Auto Featured Image,...

7.7CVSS6.5AI score0.00042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/29 7:32 a.m.6 views

CVE-2025-10145

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests ...

7.7CVSS5.7AI score0.00042EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/28 6:16 a.m.6 views

WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery vulnerability

Authenticated Author+ Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.1.7...

6.8AI score0.00042EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/10/28 6:15 a.m.7 views

CVE-2025-10145

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7073. Reason: This candidate is a reservation duplicate of CVE-2023-7073. Notes: All CVE users should reference CVE-2023-7073 instead of this candidate. All references and descriptions in this candidate have been remov...

0.00042EPSS
Exploits0
CVE
CVE
added 2025/10/28 5:27 a.m.12 views

CVE-2025-10145

CVE-2025-10145 entry is rejected; refer to CVE-2023-7073 instead.

5.4AI score0.00042EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/28 5:27 a.m.7 views

CVE-2025-10145

...

0.00042EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/28 12:0 a.m.6 views

编号撤回

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A server-side request forgery vulnerability exists in the WordPress plugin Auto Featured Image,...

5.7AI score0.00042EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11844

Malware in sbrugna...

6.1CVSS6.2AI score0.008EPSS
Exploits2References2
Rows per page
Query Builder