CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2026/04/04 12:31 p.m.•1 views

EUVD-2026-18993

The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...

7.5CVSS5.9AI score0.00024EPSS

Exploits0References3

NVD•added 2026/04/04 12:16 p.m.•1 views

CVE-2026-1233

7.5CVSS0.00024EPSS

Exploits0References2

Vulnrichment•added 2026/04/04 11:16 a.m.•1 views

CVE-2026-1233 Text to Speech (TTS) by Mementor <= 1.9.8 - Use of Hardcoded Password to Unauthenticated Remote Database Access

7.5CVSS5.9AI score0.00024EPSS

Exploits0References2

Positive Technologies•added 2026/04/04 12:0 a.m.•2 views

PT-2026-30344

Name of the Vulnerable Software and Affected Versions Text to Speech for WP AI Voices by Mementor versions up to and including 1.9.8 Description The Text to Speech for WP AI Voices by Mementor plugin for WordPress contains hardcoded MySQL database credentials for the vendor's external telemetry...

7.5CVSS5.9AI score0.00024EPSS

Exploits0References6

RedhatCVE•added 2025/11/12 3:46 a.m.•2 views

CVE-2025-11168

The Mementor Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.5. This is due to plugin not properly handling the user switch back function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to eleva...

8.8CVSS5.8AI score0.00053EPSS

Exploits0References1

EUVD•added 2025/11/11 6:30 a.m.•1 views

EUVD-2025-60972

8.8CVSS5.4AI score0.00053EPSS

Exploits0References4

NVD•added 2025/11/11 4:15 a.m.•1 views

CVE-2025-11168

8.8CVSS0.00053EPSS

Exploits0References3

CVE•added 2025/11/11 3:30 a.m.•6 views

CVE-2025-11168

CVE-2025-11168 (Mementor Core, WordPress) The vulnerability affects Mementor Core plugin for WordPress versions up to 2.2.5. It stems from improper handling of the user switch-back function, enabling authenticated attackers with Subscriber-level access or higher to escalate to an administrator ac...

8.8CVSS5.5AI score0.00053EPSS

Exploits0References3

Cvelist•added 2025/11/11 3:30 a.m.•3 views

CVE-2025-11168 Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation

8.8CVSS0.00053EPSS

Exploits0References3

Vulnrichment•added 2025/11/11 3:30 a.m.•1 views

CVE-2025-11168 Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation

8.8CVSS5.4AI score0.00053EPSS

Exploits0References3

Positive Technologies•added 2025/11/11 12:0 a.m.•2 views

PT-2025-46244

Name of the Vulnerable Software and Affected Versions Mementor Core plugin for WordPress versions up to and including 2.2.5 Description The plugin does not properly handle the user switch back function, allowing authenticated attackers with Subscriber-level access or above to elevate their...

8.8CVSS6.4AI score0.00053EPSS

Exploits0References10

CNNVD•added 2025/11/11 12:0 a.m.•1 views

WordPress plugin Mementor Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

8.8CVSS6.4AI score0.00053EPSS

Exploits0References3