Lucene search
+L

9 matches found

cvelist
cvelist
added 2026/05/27 2:53 p.m.45 views

CVE-2026-49051 WordPress WP Meta and Date Remover plugin <= 2.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...

4.3CVSS0.0022EPSS
Exploits0References1
patchstack
patchstack
added 2026/05/27 2:52 p.m.13 views

WordPress WP Meta and Date Remover plugin <= 2.3.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Meta and Date Remover versions = 2.3.6...

4.3CVSS5.8AI score0.0022EPSS
Exploits0Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-51931

Malicious code in bioql PyPI...

5.4CVSS9.1AI score0.00371EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 4:16 a.m.7 views

CVE-2023-4823

The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an AJAX endpoint for configuring the plugin settings. This endpoint has no capability checks and does not sanitize the user input, which is then later output unescaped. Allowing any authenticated users, such as subscriber change...

5.4CVSS6.3AI score0.00377EPSS
Exploits2
redhatcve
redhatcve
added 2025/05/23 2:0 a.m.7 views

CVE-2023-47836

Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through = 2.3.0...

5.4CVSS7.3AI score0.00371EPSS
Exploits0References1
nvd
nvd
added 2024/12/09 1:15 p.m.8 views

CVE-2023-47836

Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through = 2.3.0...

5.4CVSS0.00371EPSS
Exploits0References1
prion
prion
added 2023/10/31 2:15 p.m.18 views

Cross site scripting

The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an AJAX endpoint for configuring the plugin settings. This endpoint has no capability checks and does not sanitize the user input, which is then later output unescaped. Allowing any authenticated users, such as subscriber change...

4.9CVSS5.6AI score0.00377EPSS
Exploits2References1Affected Software1
cve
cve
added 2023/10/31 1:54 p.m.57 views

CVE-2023-4823

CVE-2023-4823 affects the WordPress plugin “WP Meta and Date Remover” (versions prior to 2.2.0). The vulnerability arises from an AJAX endpoint used to configure plugin settings that lacks capability checks and does not sanitize user input, with the input later output unescaped. This enables Stor...

5.4CVSS5.6AI score0.00377EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress WP Meta and Date Remover Plugin < 1.9.10 is vulnerable to Cross Site Scripting (XSS)

Software WP Meta and Date Remover Type Plugin Vulnerable versions 1.9.10 Fixed in 1.9.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f546a378ae2 Credits Rafie Muhammad Patchsta...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder