Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/01/17 2:22 a.m.24 views

CVE-2025-12718 Quick Contact Form <= 8.2.6 - Unauthenticated Open Mail Relay

The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to, and including, 8.2.6. This is due to the 'qcfvalidateform' AJAX endpoint allowing a user controlled parameter to set the 'from' email address. This makes it possible for unauthenticated attackers t...

5.8CVSS0.00206EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/10/20 9:0 p.m.7 views

WordPress Element Pack Addons for Elementor plugin <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Blind Server-Side Request Forgery vulnerability discovered by LionTree in WordPress Plugin Element Pack Elementor Addons versions = 8.2.5...

5CVSS6.8AI score0.00218EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/07/26 12:0 a.m.5 views

WordPress plugin WoodMart 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...

5.3CVSS6.5AI score0.00319EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/10/31 2:25 a.m.2 views

SUSE CVE-2021-35575

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS5.6AI score0.02068EPSS
Exploits0References2
Rows per page
Query Builder