CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Cvelist•added 2026/03/04 11:22 a.m.•24 views

CVE-2026-3056 Seraphinite Accelerator <= 2.28.14 - Missing Authorization to Authenticated (Subscriber+) Log Clearing

The Seraphinite Accelerator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seraphaccelapi AJAX action with fn=LogClear in all versions up to, and including, 2.28.14. This makes it possible for authenticated attackers, with...

4.3CVSS0.00013EPSS

Exploits0References4

CVE•added 2026/03/04 11:22 a.m.•6 views

CVE-2026-3056

CVE-2026-3056 affects the Seraphinite Accelerator WordPress plugin (all versions up to 2.28.14). Root cause: missing capability check on the seraph_accel_api AJAX action with fn=LogClear, allowing authenticated users with Subscriber-level access or higher to clear the plugin’s debug/operational l...

4.3CVSS5.9AI score0.00013EPSS

Exploits0References4

Positive Technologies•added 2026/03/04 12:0 a.m.•2 views

PT-2026-22901

The Seraphinite Accelerator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seraph accel api AJAX action with fn=LogClear in all versions up to, and including, 2.28.14. This makes it possible for authenticated attackers, with...

4.3CVSS5.9AI score0.00013EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2658

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00141EPSS

Exploits0References3

OSV•added 2022/05/24 5:18 p.m.•8 views

GHSA-5V5Q-3M7M-97J7 Image Resizer Cross-Site Request Forgery (CSRF)

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

8.8CVSS8.8AI score0.00141EPSS

Exploits0References3

Github Security Blog•added 2022/05/24 5:18 p.m.•11 views

Image Resizer Cross-Site Request Forgery (CSRF)

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

8.8CVSS7.3AI score0.00141EPSS

Exploits0References3Affected Software1

OSV•added 2022/04/15 5:15 p.m.•0 views

CVE-2022-27850

Cross-Site Request Forgery CSRF in Simple Ajax Chat WordPress plugin = 20220115 allows an attacker to clear the chat log or delete a chat message...

4.3CVSS5.8AI score

Exploits0References2

OSV•added 2020/05/25 5:15 p.m.•8 views

CVE-2020-13458

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

8.8CVSS7AI score

Exploits0References1

Prion•added 2020/05/25 5:15 p.m.•5 views

Cross site request forgery (csrf)

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

6.8CVSS8.7AI score0.00141EPSS

Exploits0References1Affected Software1

CVE•added 2020/05/25 4:34 p.m.•41 views

CVE-2020-13458

CVE-2020-13458 affects the Craft CMS Image Resizer plugin prior to 2.0.9. The issue is a CSRF flaw in the log-clear controller action, enabling CSRF exploitation with no authentication and requiring user interaction. CVSSv3.1 base score is 8.8 (HIGH) with network attack vector, low attack complex...

8.8CVSS8.7AI score0.00141EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/05/25 4:34 p.m.•13 views

CVE-2020-13458

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

8.8AI score0.00141EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by