Lucene search
K

50 matches found

Prion
Prion
added 2021/01/01 4:15 a.m.14 views

Design/Logic Flaw

An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the...

6.5CVSS8.7AI score0.02422EPSS
Exploits2References2Affected Software3
CVE
CVE
added 2021/01/01 3:28 a.m.114 views

CVE-2020-35945

CVE-2020-35945 affects WordPress environments using the Divi Builder plugin, Divi theme, and Divi Extra theme prior to 4.5.3. The vulnerability allows authenticated attackers with contributor-level or higher privileges to upload arbitrary files, including PHP, because the extension check is perfo...

9.9CVSS8.7AI score0.02422EPSS
Exploits2References2Affected Software3
Positive Technologies
Positive Technologies
added 2021/01/01 12:0 a.m.6 views

PT-2021-11877

Name of the Vulnerable Software and Affected Versions: Divi Builder plugin versions prior to 4.5.3 Divi theme versions prior to 4.5.3 Divi Extra theme versions prior to 4.5.3 Description: An issue allows authenticated attackers with contributor-level or above capabilities to upload arbitrary file...

9.9CVSS8AI score0.02422EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2020/08/06 12:0 a.m.19 views

WordPress Elegant Themes Divi Theme 3.0 <= 4.5.2 Authenticated Arbitrary File Upload Vulnerability

The WordPress theme Divi by Elegant Themes is prone to an authenticated arbitrary file upload vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

9.9CVSS8.8AI score0.02422EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2020/08/04 12:0 a.m.5 views

VulnCheck KEV: CVE-2020-35945

An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the...

9.9CVSS7.4AI score0.02422EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2016/02/03 9:44 p.m.18 views

Exploit for Path Traversal in Elegantthemes Divi

WordPressMassExploiter Mass exploiter of CVE-2015-1579 for Wor...

5CVSS7.3AI score0.22055EPSS
Exploits5
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.67 views

WordPress Divi Theme Directory Traversal Vulnerability

WordPress Divi Theme is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS9.4AI score0.22055EPSS
Exploits5References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.12 views

WordPress Elegant Themes Divi Theme Directory Traversal Vulnerability

WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Elegant Themes Divi is one of the Elegant Themes. A directory traversal vulnerability exists in the WordPress Elegant...

5CVSS6.9AI score0.22055EPSS
Exploits5References1
0day.today
0day.today
added 2015/02/10 12:0 a.m.545 views

Wordpress Theme Divi Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Theme Divi Arbitrary File Download Vulnerability Date: 08/02/2015 Exploit Author: pool and Fran73 Vendor Homepage: http://www.elegantthemes.com/gallery/divi/ Contact : email protected YM Tested on: Linux / Window Googl...

7.1AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2014/09/03 12:0 a.m.7 views

VulnCheck KEV: CVE-2015-1579

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734...

5CVSS7.4AI score0.22055EPSS
Exploits6References1
Rows per page
Query Builder