Lucene search
K

190 matches found

RedhatCVE
RedhatCVE
added 2025/12/14 7:59 a.m.11 views

CVE-2025-10289

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9CVSS6.7AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.6 views

EUVD-2025-203240

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9CVSS6.2AI score0.00248EPSS
Exploits0References3
CVE
CVE
added 2025/12/13 7:21 a.m.29 views

CVE-2025-10289

CVE-2025-10289 concerns the WordPress plugin Filter & Grids (ymc-smart-filter) vulnerability: an unauthenticated SQL injection via the phrase parameter in all versions up to and including 3.2.0. The root cause is insufficient escaping and improper SQL query preparation, enabling an attacker to ap...

5.9CVSS6.3AI score0.00248EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/13 7:21 a.m.37 views

CVE-2025-10289 Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9CVSS0.00248EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/13 7:21 a.m.4 views

CVE-2025-10289 Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9CVSS6.3AI score0.00248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.7 views

PT-2025-51092

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9CVSS6.7AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.8 views

WordPress plugin Filter & Grids SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...

5.9CVSS7.5AI score0.00248EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.3 views

CVE-2025-62996

Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through = 1.4.12...

4.3CVSS7.1AI score0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-202007

Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through = 1.4.12...

6.6AI score0.00192EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.3 views

CVE-2025-62996

Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through = 1.4.12...

4.3CVSS0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-50022

Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through = 1.4.12...

7.1AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

WordPress plugin Custom Layouts – Post + Product grids made easy 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin Custom Layouts - Post + Product grids...

4.3CVSS6.3AI score0.00192EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/05 9:5 a.m.5 views

WordPress Custom Layouts – Post + Product grids made easy plugin <= 1.4.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Custom Layouts – Post + Product grids made easy versions = 1.4.12...

4.3CVSS7AI score0.00192EPSS
Exploits0Affected Software1
Microsoft Secure
Microsoft Secure
added 2025/11/05 5:0 p.m.7 views

​​Securing critical infrastructure: Why Europe’s risk-based regulations matter

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

6.5AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-13961

Malware in sbrugna...

7.5CVSS7.5AI score0.01575EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14168

Malware in sbrugna...

6.1CVSS6.3AI score0.00564EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14624

Malware in sbrugna...

6.3CVSS5.7AI score0.00505EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-22163

Malware in sbrugna...

7.5CVSS7.5AI score0.01016EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-22165

Malware in sbrugna...

7.7CVSS7AI score0.01258EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-13629

Malware in sbrugna...

7.5CVSS7.5AI score0.00934EPSS
Exploits0References2
Rows per page
Query Builder