Lucene search
K

15 matches found

EUVD
EUVD
added 2026/03/05 6:30 a.m.4 views

EUVD-2026-9624

Missing Authorization vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bakery Autoresponder Addon: from n/a through = 1.0.6...

5.9AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/30 12:30 p.m.5 views

EUVD-2025-205734

Missing Authorization vulnerability in kamleshyadav Medicalequipment medicalequipment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Medicalequipment: from n/a through = 1.0.9...

5.3CVSS6.5AI score0.00228EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27031

Malicious code in bioql PyPI...

9.3CVSS6.4AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-26531

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/09/05 5:15 p.m.4 views

CVE-2025-58628

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through 2.0.9...

9.3CVSS0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.5 views

PT-2025-36251

Name of the Vulnerable Software and Affected Versions: Miraculous versions prior to 2.0.9 Description: The Miraculous software contains a SQL injection flaw due to improper neutralization of special elements used in an SQL command. This allows for blind SQL injection. Recommendations: Update...

9.3CVSS7.3AI score0.00288EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.6 views

PT-2025-35769

Name of the Vulnerable Software and Affected Versions: kamleshyadav Exit Intent Popup versions n/a through 1.0.1 Description: A Server-Side Request Forgery SSRF vulnerability exists in kamleshyadav Exit Intent Popup. This issue allows attackers to perform Server Side Request Forgery...

5.4CVSS6.4AI score0.00159EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.9 views

PT-2025-35036

Name of the Vulnerable Software and Affected Versions: Miraculous Core Plugin versions through 2.0.7 Description: An incorrect privilege assignment exists in the Miraculous Core Plugin, allowing for privilege escalation. Recommendations: Update Miraculous Core Plugin to a version later than 2.0.7...

9.8CVSS6.4AI score0.05027EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.4 views

CVE-2025-31425

Missing Authorization vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

7.5CVSS5.9AI score0.00346EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.2 views

CVE-2025-31425

Missing Authorization vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

7.5CVSS0.00346EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.14 views

CVE-2025-31425

CVE-2025-31425 relates to the WordPress plugin “WP Lead Capturing Pages” (versions prior to 2.3). The vulnerability is caused by Missing Authorization stemming from incorrectly configured access control, enabling an attacker to perform Arbitrary Content Deletion. The CVSS v3.1 score is 7.5 (High)...

7.5CVSS5.9AI score0.00346EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.5 views

PT-2025-27884 · Unknown · Kamleshyadav Cf7 7 Mailchimp Add-On

Name of the Vulnerable Software and Affected Versions: kamleshyadav CF7 7 Mailchimp Add-on versions n/a through 2.2 Description: The issue is related to a Missing Authorization vulnerability that allows exploitation of incorrectly configured access control security levels. Recommendations: For...

5.3CVSS6.1AI score0.00211EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.9 views

CVE-2025-31914

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder pixel-formbuilder allows Blind SQL Injection.This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through ...

9.3CVSS5.9AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 1:15 p.m.5 views

CVE-2025-31914

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder pixel-formbuilder allows Blind SQL Injection.This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through ...

9.3CVSS0.00371EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2018/05/22 12:0 a.m.25 views

Auto Car 1.2 Cross Site Scripting / SQL Injection

Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2 Tested on: Win 10 POC 1: SQLi: Parameter: cartitle Type:...

0.7AI score
Exploits0
Rows per page
Query Builder