Lucene search
K

118 matches found

CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

WordPress plugin WP Table Builder – Drag & Drop Table Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.1CVSS6.6AI score0.00353EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.6 views

CVE-2019-12253

my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=postingposting...

6.5CVSS6.9AI score0.00601EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.6 views

PT-2026-1424

Name of the Vulnerable Software and Affected Versions MasterStudy LMS WordPress Plugin versions through 3.7.6 Description The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is susceptible to unauthorized modification and deletion of data. This is due to a...

5.4CVSS6.3AI score0.00146EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.6 views

PT-2025-49331

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the '/wp-json/listar/v1/place/delete' REST API endpoint in all versions up to, and including, 3.0.0. This makes it possible for...

4.3CVSS5.3AI score0.00164EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/08 12:0 a.m.3 views

WordPress plugin Download Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.5AI score0.002EPSS
Exploits0References3
NVD
NVD
added 2025/11/07 4:15 p.m.5 views

CVE-2025-63687

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

6.5CVSS0.00246EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/07 12:0 a.m.9 views

CVE-2025-63687

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

0.00246EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.6 views

PT-2025-45448

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

7AI score0.00246EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11232

Malware in sbrugna...

6.5CVSS6.4AI score0.00986EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6612

Malware in sbrugna...

5CVSS6.4AI score0.01962EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28374

Malicious code in bioql PyPI...

8.8CVSS8.9AI score0.00603EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-59765

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00316EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/01 11:43 a.m.5 views

CVE-2025-4597

The Woo Slider Pro – Drag Drop Slider Builder For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wooslideprodeletedraftpreview AJAX action in all versions up to, and including, 1.12. This makes it possible for...

6.5CVSS6.6AI score0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.10 views

PT-2025-23279 · WordPress · Woo Slider Pro

Name of the Vulnerable Software and Affected Versions: The Woo Slider Pro – Drag Drop Slider Builder For WooCommerce plugin for WordPress versions up to, and including, 1.12 Description: The issue allows authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts du...

6.5CVSS6.4AI score0.00229EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 9:59 a.m.9 views

CVE-2024-1642

The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'postingbulk' function. This makes it possible for...

4.3CVSS6.5AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:32 a.m.6 views

CVE-2024-0248

The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was...

7.5CVSS5.2AI score0.00424EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:21 a.m.4 views

CVE-2024-3627

The Wheel of Life: Coaching and Assessment Tool for Life Coach plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on several functions in the AjaxFunctions.php file in all versions up to, and including, 1.1.7. This makes it possible...

5.4CVSS6AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.5 views

CVE-2024-1446

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to...

5.4CVSS5.3AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.10 views

CVE-2024-1502

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutordeleteannouncement function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with...

5.4CVSS6.6AI score0.00428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:32 p.m.4 views

CVE-2022-1779

The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once...

8.1CVSS6.5AI score0.00517EPSS
Exploits1References1
Rows per page
Query Builder