Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-4971

Malware in sbrugna...

8.8CVSS8.5AI score0.02842EPSS
Exploits0References3
Circl
Circl
added 2020/05/29 8:46 p.m.5 views

CVE-2020-12077

creationtimestamp| type| source ---|---|--- 2020-05-29 20:46:03+00:00| seen| https://t.me/VulnerabilityNews/14898 2020-05-29 20:55:02+00:00| seen| https://t.me/cibsecurity/12406 2023-09-12 11:00:38+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9010 2024-08-16...

8.8CVSS8.1AI score0.05606EPSS
Exploits3References4
Prion
Prion
added 2020/05/29 4:15 p.m.20 views

Design/Logic Flaw

The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for...

6.5CVSS9AI score0.05606EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2020/05/29 3:52 p.m.70 views

CVE-2020-12675

The CVE-2020-12675 entry concerns the WordPress plugin mappress-google-maps-for-wordpress, version prior to 2.54.6. Affected component: the plugin’s AJAX-related code (creation/retrieval/deletion of PHP template files) with insufficient capability checks, enabling Remote Code Execution. Root caus...

8.8CVSS8.9AI score0.02842EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/05/28 12:0 a.m.27 views

MapPress Maps < 2.54.6 - Improper Capability Checks in AJAX Calls

Due to incomplete fixes for CVE-2020-12077, an attacker with subscriber privileges may be able to download, delete and upload arbitrary PHP files, which could result in remote command execution...

6.5CVSS4.3AI score0.05606EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2020/04/23 2:20 a.m.174 views

CVE-2020-12077

The WordPress plugin MapPress Maps for WordPress (mappress-google-maps-for-wordpress) is affected by CVE-2020-12077: versions before 2.53.9 implement AJAX actions without nonce or proper capability checks, enabling Remote Code Execution via admin-ajax.php. Red Hat and NVD entries corroborate the ...

8.8CVSS8.9AI score0.05606EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder