Lucene search
+L

129 matches found

CVE
CVE
added 2025/11/05 6:35 a.m.22 views

CVE-2025-11373

CVE-2025-11373 concerns the Depicter Popup & Slider Builder for WordPress. The root cause is a missing capability check in the depicter-media-upload AJAX route, affecting all versions up to and including 4.0.4. This enables authenticated attackers with Contributor-level access or higher to upload...

4.3CVSS5.1AI score0.00228EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/05 6:35 a.m.12 views

CVE-2025-11373 Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability checks in the "depicter-media-upload" AJAX route in all...

4.3CVSS0.00228EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/11/05 1:28 a.m.7 views

WordPress Depicter Slider plugin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload vulnerability

Missing Authorization to Authenticated Contributor+ Safe File Type Upload vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Depicter Slider versions = 4.0.4...

4.3CVSS6.7AI score0.00228EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.17 views

PT-2025-45086

Name of the Vulnerable Software and Affected Versions Popup and Slider Builder by Depicter versions up to and including 4.0.4 Description The Popup and Slider Builder by Depicter plugin for WordPress has a flaw that allows authenticated attackers with Contributor-level access or higher to upload...

4.3CVSS6.2AI score0.00228EPSS
Exploits0References7
CNVD
CNVD
added 2025/11/05 12:0 a.m.3 views

WordPress Depicter plugin cross-site request forgery vulnerability

WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...

4.3CVSS6.8AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/05 12:0 a.m.4 views

WordPress plugin Popup and Slider Builder by Depicter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

4.3CVSS6.4AI score0.00228EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2025/11/02 6:9 p.m.198 views

Exploit for CVE-2025-2011

CVE-2025-2011 PoC Author: X3RX3S Purpose: A proof-o...

7.5CVSS7.4AI score0.46435EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2025/11/01 12:4 p.m.10 views

CVE-2025-8383

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...

4.3CVSS5.6AI score0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/31 8:25 a.m.4 views

CVE-2025-8383 Depicter <= 4.0.4 - Cross-Site Request Forgery

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...

4.3CVSS5.3AI score0.00156EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/31 8:25 a.m.6 views

EUVD-2025-37312

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...

4.3CVSS5.2AI score0.00156EPSS
Exploits0References5
CVE
CVE
added 2025/10/31 8:25 a.m.16 views

CVE-2025-8383

CVE-2025-8383: Depicter for WordPress suffers a Cross-Site Request Forgery in versions

4.3CVSS5.3AI score0.00156EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/31 8:25 a.m.14 views

CVE-2025-8383 Depicter <= 4.0.4 - Cross-Site Request Forgery

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...

4.3CVSS0.00156EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.6 views

PT-2025-44593

Name of the Vulnerable Software and Affected Versions The Depicter plugin for WordPress versions prior to 4.0.5 Description The Depicter plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation within the depicter-document-rules-store...

4.3CVSS6.1AI score0.00156EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.8 views

WordPress plugin Depicter 跨站请求伪造漏洞

WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...

4.3CVSS6.5AI score0.00156EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-56204

Malicious code in bioql PyPI...

8.8CVSS4.8AI score0.00194EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-42417

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-42395

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-49951

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00518EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36646

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-44556

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00424EPSS
Exploits0References3
Rows per page
Query Builder