Lucene search
K

137 matches found

Cvelist
Cvelist
added 2025/10/16 6:47 a.m.10 views

CVE-2025-10706 Classified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS0.00597EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/16 6:47 a.m.5 views

EUVD-2025-34723

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.2AI score0.00597EPSS
Exploits0References3
CVE
CVE
added 2025/10/16 6:47 a.m.20 views

CVE-2025-10706

CVE-2025-10706 pertains to the Classified Pro WordPress theme. Wordfence and CVE records confirm a missing capability check in cwp_addons_update_plugin_cb across all versions

8.8CVSS6.3AI score0.00597EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45789

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00364EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-42911

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00318EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28566

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-18093

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00447EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30510

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0019EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28420

Malicious code in bioql PyPI...

9.9CVSS8.6AI score0.00643EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-19220

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19218

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00159EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17235

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-42336

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:31 p.m.4 views

CVE-2025-59569

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Stored XSS.This issue affects CubeWP: from n/a through = 1.1.26...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.10 views

CVE-2025-59569

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Stored XSS.This issue affects CubeWP: from n/a through = 1.1.26...

6.5CVSS0.0019EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 6:28 p.m.4 views

WordPress CubeWP Plugin <= 1.1.26 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin CubeWP versions = 1.1.26...

6.5CVSS6AI score0.0019EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/22 6:25 p.m.3 views

CVE-2025-59569 WordPress CubeWP Plugin <= 1.1.26 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emraan Cheema CubeWP allows Stored XSS. This issue affects CubeWP: from n/a through 1.1.26...

6.5CVSS5.6AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.12 views

CVE-2025-59569 WordPress CubeWP Plugin <= 1.1.26 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Stored XSS.This issue affects CubeWP: from n/a through = 1.1.26...

6.5CVSS0.0019EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:25 p.m.12 views

CVE-2025-59569

CVE-2025-59569 : Stored XSS in CubeWP (CubeWP Framework) affecting versions up to 1.1.26; exploit requires at least Contributor+ authenticated access. Patch available in 1.1.26 (CubeWP patch), per Wordfence listing of CubeWP

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.4 views

PT-2025-39044

Name of the Vulnerable Software and Affected Versions CubeWP versions through 1.1.26 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Cross-site Scripting XSS. This specific instance is a Stored XSS issue, meaning malicious...

6.5CVSS5.5AI score0.0019EPSS
Exploits0References3
Rows per page
Query Builder