Lucene search
+L

137 matches found

CNNVD
CNNVD
added 2025/09/22 12:0 a.m.3 views

WordPress plugin CubeWP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.4 views

CVE-2025-54735

Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...

8.8CVSS5.9AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.11 views

CVE-2025-54735

Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...

8.8CVSS0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:2 a.m.19 views

CVE-2025-54735

CVE-2025-54735 covers CubeWP Framework (WordPress CubeWP plugin) with an incorrect privilege assignment that allows Privilege Escalation for authenticated users (Subscriber+). Affected versions are CubeWP Framework from n/a through 1.1.24. The vulnerability has been publicly disclosed and is rate...

8.8CVSS5.9AI score0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:2 a.m.2 views

CVE-2025-54735 WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24...

8.8CVSS7.2AI score0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:2 a.m.15 views

CVE-2025-54735 WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...

8.8CVSS0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.6 views

WordPress plugin CubeWP Framework 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.8AI score0.0034EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.5 views

PT-2025-34023 · WordPress · Cubewp Framework

Name of the Vulnerable Software and Affected Versions: CubeWP Framework versions n/a through 1.1.24 Description: An incorrect privilege assignment issue exists in CubeWP Framework, allowing for privilege escalation. Recommendations: Update CubeWP Framework to a version later than 1.1.24...

8.8CVSS6.5AI score0.0034EPSS
Exploits0References6
CNVD
CNVD
added 2025/06/24 12:0 a.m.5 views

WordPress CubeWP Forms plugin authorization issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An authorization issue vulnerability exists in the WordPress CubeWP Forms plugin that stems from a lack of authorization and can be exploited by an attacker to configure incorre...

4.3CVSS7AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/19 3:21 p.m.10 views

CVE-2025-49880

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.5...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/19 3:20 p.m.12 views

CVE-2025-49882

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows DOM-Based XSS.This issue affects CubeWP: from n/a through = 1.1.23...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.9 views

CVE-2025-49880

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.5...

4.3CVSS0.00187EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.14 views

CVE-2025-49882

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows DOM-Based XSS.This issue affects CubeWP: from n/a through = 1.1.23...

6.5CVSS0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 3:1 p.m.6 views

CVE-2025-49880 WordPress CubeWP Forms plugin <= 1.1.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.5...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.15 views

CVE-2025-49880 WordPress CubeWP Forms plugin <= 1.1.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.5...

4.3CVSS0.00187EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 3:1 p.m.24 views

CVE-2025-49880

Summary: CVE-2025-49880 affects WordPress CubeWP Forms (versions up to 1.1.5) with a missing authorization flaw enabling attackers to exploit misconfigured access controls. The vulnerability originates from inadequate access control checks in CubeWP Forms and is cataloged with a CVSS v3.1 base sc...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 3:1 p.m.27 views

CVE-2025-49882

CVE-2025-49882 is a cross-site scripting vulnerability in the WordPress CubeWP Framework, identified as a DOM-based XSS due to improper input neutralization in web page generation. Affected software is CubeWP Framework versions up to and including 1.1.23. Public sources corroborate the issue with...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 3:1 p.m.8 views

CVE-2025-49882 WordPress CubeWP Framework plugin <= 1.1.23 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows DOM-Based XSS.This issue affects CubeWP: from n/a through = 1.1.23...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.20 views

CVE-2025-49882 WordPress CubeWP Framework plugin <= 1.1.23 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Tauqeer CubeWP cubewp-framework allows DOM-Based XSS.This issue affects CubeWP: from n/a through = 1.1.23...

6.5CVSS0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.9 views

PT-2025-25736 · Unknown · Cubewp Framework

Name of the Vulnerable Software and Affected Versions: CubeWP Framework versions 1.1.23 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS in the CubeWP Framework...

6.5CVSS6.4AI score0.00159EPSS
Exploits0References4
Rows per page
Query Builder