Lucene search
K

8 matches found

NVD
NVD
added 2025/06/28 4:15 a.m.6 views

CVE-2025-6379

The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handlelivefn function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the...

8.8CVSS0.00729EPSS
Exploits0References2
OSV
OSV
added 2025/06/28 4:15 a.m.5 views

CVE-2025-6379

The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handlelivefn function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the...

8.8CVSS5.6AI score0.00729EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/28 3:21 a.m.7 views

CVE-2025-6379 BeeTeam368 Extensions Pro <= 2.3.4 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Deletion

The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handlelivefn function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the...

8.8CVSS0.00729EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/28 3:21 a.m.3 views

CVE-2025-6379 BeeTeam368 Extensions Pro <= 2.3.4 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Deletion

The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handlelivefn function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the...

8.8CVSS6AI score0.00729EPSS
Exploits0References2
CVE
CVE
added 2025/06/28 3:21 a.m.27 views

CVE-2025-6379

CVE-2025-6379 (BeeTeam368 Extensions Pro, WordPress) The vulnerability is a directory traversal in the BeeTeam368 Extensions Pro plugin (versions up to 2.3.4) via the handle_live_fn() function, allowing authenticated users with Subscriber+ access to access files outside the intended directory and...

8.8CVSS6.1AI score0.00729EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.4 views

PT-2025-27285 · WordPress · Beeteam368 Extensions Pro

Name of the Vulnerable Software and Affected Versions: BeeTeam368 Extensions Pro plugin for WordPress versions up to, and including, 2.3.4 Description: The issue allows authenticated attackers with Subscriber-level access and above to perform actions on files outside of the originally intended...

8.8CVSS6.6AI score0.00729EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/06/28 12:0 a.m.5 views

WordPress plugin BeeTeam368 Extensions Pro 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

8.8CVSS6.4AI score0.00729EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/06/27 11:4 p.m.6 views

WordPress BeeTeam368 Extensions Pro plugin <= 2.3.4 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Directory Traversal to Arbitrary File Deletion vulnerability discovered by Tonn in WordPress Plugin BeeTeam368 Extensions Pro versions = 2.3.4...

8.8CVSS6.7AI score0.00729EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder