Lucene search
K

80 matches found

Cvelist
Cvelist
added 2026/06/17 9:50 a.m.25 views

CVE-2026-25446 WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WishList Member X = 3.29.0 versions...

9.9CVSS0.00434EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.8 views

CVE-2026-25446

CVE-2026-25446 affects the WordPress plugin Wishlist Member X (WishList Member X) up to version 3.29.0. The vulnerability is an authenticated Arbitrary File Upload that could enable a subscriber to upload arbitrary files on affected sites. According to the provided sources, this CVE is currently ...

9.9CVSS5.2AI score0.00434EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2026-24575 WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in WishList Member X = 3.29.0 versions...

4.3CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.11 views

CVE-2026-24575

CVE-2026-24575 affects WordPress WishList Member X plugin

4.3CVSS5.1AI score0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.3 views

PT-2026-31710

Name of the Vulnerable Software and Affected Versions WishList Member X versions prior to 3.29.1 Description A flaw allows users with subscriber privileges to perform arbitrary file uploads. This occurs when the application fails to properly validate files uploaded by users with low-level...

9.9CVSS5.4AI score0.00434EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.5 views

CVE-2026-25445

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS5.2AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/19 9:30 a.m.8 views

EUVD-2026-13083

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References2
NVD
NVD
added 2026/03/19 9:16 a.m.8 views

CVE-2026-25445

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/19 8:37 a.m.2 views

CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 8:37 a.m.25 views

CVE-2026-25445

The vulnerability is a PHP object injection in the WordPress plugin WishList Member X (affected versions: up to 3.29.0). It stems from a deserialization of untrusted data, enabling object injection that can impact confidentiality, integrity, and availability. The CVSS 3.1 base score is 8.8 (HIGH)...

8.8CVSS5.2AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/19 8:37 a.m.24 views

CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS0.00301EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.8 views

PT-2026-26276

Name of the Vulnerable Software and Affected Versions WishList Member X versions through 3.29.0 Description The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts the application's ability to securely handle incoming...

8.8CVSS5.9AI score0.00301EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.6 views

WordPress plugin WishList Member X 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

8.8CVSS5.9AI score0.00301EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/18 8:18 a.m.6 views

WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WishList Member X versions = 3.29.0...

8.8CVSS5.8AI score0.00301EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/18 8:17 a.m.3 views

WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin WishList Member X versions = 3.29.0...

5.8AI score0.00434EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/20 11:41 p.m.6 views

WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WishList Member X versions = 3.29.0...

5.4AI score0.00259EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-36431

Malicious code in bioql PyPI...

7.7CVSS6.5AI score0.00594EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-36433

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00551EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-36434

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00456EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-36436

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00542EPSS
Exploits0References1
Rows per page
Query Builder