CVE-2025-24562

Cross-Site Request Forgery CSRF vulnerability in Optimal Access KBucket kbucket allows Stored XSS.This issue affects KBucket: from n/a through = 4.1.6...

CVE-2024-52369

Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...

CVE-2025-24562

Cross-Site Request Forgery CSRF vulnerability in Optimal Access KBucket kbucket allows Stored XSS.This issue affects KBucket: from n/a through = 4.1.6...

CVE-2025-24562 WordPress KBucket plugin <= 4.1.6 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Optimal Access KBucket kbucket allows Stored XSS.This issue affects KBucket: from n/a through = 4.1.6...

CVE-2025-24562 WordPress KBucket plugin <= 4.1.6 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Optimal Access KBucket kbucket allows Stored XSS.This issue affects KBucket: from n/a through = 4.1.6...

CVE-2025-24562

CVE-2025-24562 concerns the WordPress plugin KBucket by Optimal Access Inc. It is a CSRF to Stored XSS vulnerability affecting KBucket versions up to 4.1.6 . The CVSS 3.1 base vector references network attack, low attack complexity, no privileges, and user interaction required, with a base score ...

WordPress KBucket plugin <= 4.1.6 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin KBucket versions = 4.1.6...

PT-2025-5407 · Kbucket · Kbucket

Name of the Vulnerable Software and Affected Versions: KBucket versions through 4.1.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. Recommendations: For versions through 4.1.6, update to a version that contains a fix for this issue. At the momen...

WordPress plugin KBucket 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

CVE-2024-52369

Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...

CVE-2024-52369

CVE-2024-52369 affects WordPress KBucket plugin versions up to 4.1.6 and is an Unrestricted Upload of File with Dangerous Type vulnerability that allows upload of a web shell to the server. Connected records indicate patched status for KBucket, with fixes in later builds (e.g., 4.2.2+ as per Patc...

CVE-2024-52369 WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...

CVE-2024-52369 WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...

WordPress plugin KBucket 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin KBucket versions = 4.2.2...

WordPress KBucket Plugin <= 4.1.6 is vulnerable to Arbitrary File Upload

Software KBucket Type Plugin Vulnerable versions = 4.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52369 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 510ec3a237eb Credits stealthcopter Required privilege Subscriber...