CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

EUVD•added last week•6 views

EUVD-2026-37666

Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...

8.1CVSS5.2AI score0.00322EPSS

Exploits0References2

NVD•added 2026/06/17 1:20 p.m.•5 views

CVE-2026-25439

Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...

8.1CVSS0.00322EPSS

Exploits0References1

Cvelist•added 2026/06/17 9:50 a.m.•25 views

CVE-2026-25439 WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...

8.1CVSS0.00322EPSS

Exploits0References1

CVE•added 2026/06/17 9:50 a.m.•14 views

CVE-2026-25439

CVE-2026-25439 affects the WordPress Booknetic plugin up to version 4.8.5, with unauthenticated broken authentication leading to account takeover. The CVSSv3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 8.1 (HIGH). Documented impact includes high confidentiality, integrit...

8.1CVSS5.2AI score0.00322EPSS

Exploits0References1

Patchstack•added 2026/06/01 9:38 a.m.•7 views

WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Booknetic versions = 4.8.5...

8.1CVSS5.8AI score0.00322EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-5400

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00149EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-8106

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00214EPSS

Exploits1References3

RedhatCVE•added 2025/03/28 6:32 a.m.•16 views

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

8.8CVSS6.9AI score0.00214EPSS

Exploits1References1

Patchstack•added 2025/03/26 7:24 p.m.•4 views

WordPress Booknetic plugin < 4.1.5 - Staff Creation via CSRF vulnerability

Staff Creation via CSRF vulnerability discovered by Veshraj Ghimire in WordPress Plugin Booknetic versions 4.1.5...

8.8CVSS7AI score0.00214EPSS

Exploits1References1Affected Software1

OSV•added 2025/03/26 6:15 a.m.•3 views

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

8.8CVSS5.9AI score0.00214EPSS

Exploits1References1

Vulnrichment•added 2025/03/26 6:0 a.m.•7 views

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

7.1AI score0.00214EPSS

Exploits1References1

Cvelist•added 2025/03/26 6:0 a.m.•13 views

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

0.00214EPSS

Exploits1References1

CVE•added 2025/03/26 6:0 a.m.•70 views

CVE-2024-13146

The CVE-2024-13146 entry concerns the WordPress Booknetic plugin (pre-4.1.5) lacking CSRF protection when creating Staff accounts, enabling a logged-in attacker to add arbitrary Staff members via CSRF. Affected: Booknetic WordPress plugin versions prior to 4.1.5. Root cause: missing CSRF check on...

8.8CVSS7.1AI score0.00214EPSS

Exploits1References1Affected Software1

CNNVD•added 2025/03/26 12:0 a.m.•2 views

WordPress plugin Booknetic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.5AI score0.00214EPSS

Exploits1References1

Positive Technologies•added 2025/03/26 12:0 a.m.•4 views

PT-2025-12858 · WordPress · Booknetic

Name of the Vulnerable Software and Affected Versions: Booknetic WordPress plugin versions prior to 4.1.5 Description: The issue concerns a lack of CSRF check when creating Staff accounts, which could allow attackers to make logged-in admins add arbitrary Staff members via a CSRF attack. This cou...

8.8CVSS6.5AI score0.00214EPSS

Exploits1References7

RedhatCVE•added 2025/02/27 2:32 p.m.•2 views

CVE-2025-26926

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS7.2AI score0.00149EPSS

Exploits0References1

NVD•added 2025/02/25 3:15 p.m.•2 views

CVE-2025-26926

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS0.00149EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•4 views

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS7.2AI score0.00149EPSS

Exploits0References1

Cvelist•added 2025/02/25 2:17 p.m.•13 views

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS0.00149EPSS

Exploits0References1

CVE•added 2025/02/25 2:17 p.m.•58 views

CVE-2025-26926

CVE-2025-26926 is a CSRF vulnerability in the WordPress plugin Booknetic (versions

4.3CVSS7.2AI score0.00149EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by