72 matches found
WordPress plugin Kubio 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Folderly plugin unauthorized data modification vulnerability
WordPress Folderly plugin is WordPress plugin for virtual folder management that supports categorization and organization of documents, media files and posts. The WordPress Folderly plugin suffers from an unauthorized data modification vulnerability that stems from insufficient capability checkin...
CVE-2025-12038
The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the /wp-json/folderly/v1/config/clear-all-data REST API endpoint in all versions up to, and including, 0.3. This makes it possible for authenticated attackers, with...
CVE-2025-11888
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...
EUVD-2025-35906
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...
EUVD-2025-12529
Malicious code in bioql PyPI...
EUVD-2023-0836
Malicious code in bioql PyPI...
EUVD-2024-3324
Malicious code in bioql PyPI...
EUVD-2023-0844
Malicious code in bioql PyPI...
EUVD-2022-3872
Malicious code in bioql PyPI...
EUVD-2022-0540
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-36397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle, insufficient capability checks meant message deletions were not limited to the current user. CVE-2021-36397 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2021-20184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able ...
Linux Distros Unpatched Vulnerability : CVE-2022-0334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead...
Linux Distros Unpatched Vulnerability : CVE-2025-3640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and...
Linux Distros Unpatched Vulnerability : CVE-2025-3645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses. CVE-2025-364...
Linux Distros Unpatched Vulnerability : CVE-2020-25699
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course...
Linux Distros Unpatched Vulnerability : CVE-2024-43431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...
BIT-MOODLE-2024-38273 moodle: BigBlueButton web service leaks meeting joining information to users who should not have access
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access...
Moodle 4.4.x < 4.4.8 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.18 or 4.3.x prior to 4.3.12 or 4.4.x prior to 4.4.8 or 4.5.x prior to 4.5.4. It is, therefore, affected by multiple vulnerabilities : - Additional checks were required to ensure users can on...