CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Patchstack•added 2026/02/03 7:26 a.m.•2 views

WordPress IdeaPush plugin <= 8.71 - Missing Authorization to Board Term Deletion vulnerability

Missing Authorization to Board Term Deletion vulnerability discovered by Lucio Sá in WordPress Plugin IdeaPush versions = 8.71...

4.3CVSS5.4AI score0.00135EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-51314

Malicious code in bioql PyPI...

4.8CVSS6.5AI score0.00127EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:51 a.m.•6 views

CVE-2024-11844

The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS6.5AI score0.00135EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:15 a.m.•5 views

CVE-2023-47181

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Martin Gibson IdeaPush plugin = 8.52 versions...

5.9CVSS6.5AI score0.00127EPSS

Exploits0References1

Patchstack•added 2024/12/27 3:56 p.m.•3 views

WordPress IdeaPush plugin <= 8.71 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin IdeaPush versions = 8.71...

9.8CVSS7AI score0.00171EPSS

Exploits0Affected Software1

OSV•added 2024/12/03 9:15 a.m.•0 views

CVE-2024-11844

4.3CVSS5.8AI score

Exploits0References3

CNNVD•added 2024/12/03 12:0 a.m.•1 views

WordPress plugin IdeaPush 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.1AI score0.00135EPSS

Exploits0References3

Patchstack•added 2024/10/14 1:28 p.m.•3 views

WordPress IdeaPush plugin <= 8.69 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin IdeaPush versions = 8.69...

8.8CVSS7AI score0.002EPSS

Exploits0Affected Software1

Patchstack•added 2024/10/14 12:0 a.m.•11 views

WordPress IdeaPush Plugin <= 8.69 is vulnerable to Cross Site Request Forgery (CSRF)

Software IdeaPush Type Plugin Vulnerable versions = 8.69 Fixed in 8.71 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-49275 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7462c84a9103 Credits theviper17 Required privilege...

8.8CVSS6.6AI score0.002EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/07/01 11:55 a.m.•2 views

WordPress IdeaPush plugin <= 8.65 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by piro Patchstack Alliance in WordPress Plugin IdeaPush versions = 8.65...

7.1CVSS6.1AI score0.00275EPSS

Exploits0Affected Software1

OSV•added 2023/11/08 7:15 p.m.•0 views

CVE-2023-47181

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Martin Gibson IdeaPush plugin = 8.52 versions...

4.8CVSS7.3AI score0.00127EPSS

Exploits0References1