Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 6:25 p.m.2 views

CVE-2021-24978

The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related post type named 'map' and is registered with the wpajaxnopriv prefix, making it available to unauthenticated users. There is no authorisation, CSRF and checks in place to ensure that the post to delete ...

5.3CVSS7AI score0.00144EPSS
Exploits2References1
OSV
OSVadded 2022/03/28 6:15 p.m.0 views

CVE-2021-24978

The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related post type named 'map' and is registered with the wpajaxnopriv prefix, making it available to unauthenticated users. There is no authorisation, CSRF and checks in place to ensure that the post to delete ...

5.3CVSS5.9AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/03/28 12:0 a.m.2 views

PT-2022-9544 · WordPress · Osmapper Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: OSMapper WordPress plugin versions 2.1.5 and earlier Description: The issue allows unauthenticated users to delete arbitrary posts from a blog due to an AJAX action in the OSMapper WordPress plugin that lacks authorization, CSRF checks, and...

5.3CVSS5.1AI score0.00144EPSS
Exploits2References4
Rows per page
Query Builder