Lucene search
K

342 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:32 p.m.8 views

CVE-2022-2564

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

9.8CVSS6.6AI score0.32676EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:47 a.m.8 views

CVE-2024-37115

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8...

7.5CVSS6.8AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:39 a.m.6 views

CVE-2024-37424

Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks allows Upload a Web Shell to a Web Server.This issue affects Newspack Blocks: from n/a through 3.0.8...

9.9CVSS6.8AI score0.00492EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 2:15 p.m.17 views

CVE-2024-37241

Cross-Site Request Forgery CSRF vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0...

4.3CVSS0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 1:33 p.m.16 views

CVE-2024-37241 WordPress WP Job Manager Resume Manager plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0...

4.3CVSS0.00199EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 12:15 p.m.7 views

CVE-2024-37242

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 12:0 p.m.18 views

CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/01/02 12:0 p.m.43 views

CVE-2024-37242

CVE-2024-37242 is a Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters, affecting version range n/a through 2.13.2. The connected records confirm the issue as a CSRF flaw in the WordPress plugin and reference public disclosures; no exploitation details or official ...

4.3CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.8 views

CVE-2024-43338

Cross-Site Request Forgery CSRF vulnerability in Automattic Crowdsignal Dashboard – Polls, Surveys & more polldaddy allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through = 3.1.3...

4.3CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:32 p.m.48 views

CVE-2024-43338

CVE-2024-43338 is a CSRF vulnerability in Crowdsignal Dashboard – Polls, Surveys & more (WordPress plugin Crowdsignal) affecting versions up to and including 3.1.2. The issue permits Cross Site Request Forgery with CVSS v3.1 base score 4.3 (Medium). Connected Patchstack entries classify the vulne...

4.3CVSS5.9AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.24 views

CVE-2024-43968

Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6...

8.8CVSS0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.6 views

CVE-2024-37477

Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5...

6.5CVSS0.00394EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.11 views

CVE-2024-37475

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...

5.3CVSS0.00409EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.7 views

CVE-2024-37423

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8...

8.5CVSS0.0045EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:18 p.m.6 views

CVE-2024-37423 WordPress Newspack Blocks plugin <= 3.0.8 - Contributor+ Arbitrary Directory Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8...

8.5CVSS6.8AI score0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:18 p.m.13 views

CVE-2024-37425 WordPress Newspack Blocks plugin <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Blocks newspack-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Blocks: from n/a through 3.0.8...

5.4CVSS0.00371EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.47 views

CVE-2024-37423

CVE-2024-37423 pertains to WordPress Automattic Newspack Blocks (

8.5CVSS8.4AI score0.0045EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.37 views

CVE-2024-37425

CVE-2024-37425 corresponds to a Missing Authorization vulnerability in Automattic Newspack Blocks (WordPress plugin) up to version 3.0.8. Connected sources describe an Authenticated (Contributor+) scenario involving broken/incorrect access control security levels and note that the vulnerability i...

5.4CVSS5.5AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.42 views

CVE-2024-37443

CVE-2024-37443 corresponds to a Missing Authorization vulnerability in the WP Job Manager - Resume Manager plugin (affected: WP Job Manager - Resume Manager,

4.3CVSS4.7AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:18 p.m.19 views

CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...

5.3CVSS0.00409EPSS
Exploits0References1
Rows per page
Query Builder