Lucene search
K

124 matches found

Patchstack
Patchstack
added 2024/12/11 11:24 p.m.4 views

WordPress Minterpress plugin <= 1.0.5 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Minterpress versions = 1.0.5...

8.8CVSS7AI score0.0075EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/11 11:23 p.m.3 views

WordPress Quietly Insights plugin <= 1.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Quietly Insights versions = 1.2.2...

8.8CVSS7AI score0.0075EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/06 10:1 p.m.2 views

WordPress Eyewear prescription form plugin <= 4.0.18 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Eyewear prescription form versions = 4.0.18...

9.8CVSS7AI score0.00869EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.4 views

PT-2024-16909 · WordPress · Ai Quiz | Quiz Maker

Name of the Vulnerable Software and Affected Versions: AI Quiz | Quiz Maker plugin for WordPress versions up to, and including, 1.1 Description: The issue allows unauthorized modification of data, leading to privilege escalation due to a missing capability check on the ai quiz update style...

8.8CVSS7.5AI score0.00419EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/11/25 9:15 p.m.4 views

WordPress Booking & Appointment Plugin for WooCommerce plugin <= 6.9.0 - Authenticated (Subscriber+) Arbitrary Option Update vulnerability

Authenticated Subscriber+ Arbitrary Option Update vulnerability discovered by István Márton in WordPress Plugin Booking & Appointment Plugin for WooCommerce versions = 6.9.0...

8.8CVSS7AI score0.00516EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/14 5:38 p.m.21 views

CVE-2024-52382 WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in medmatech Matix Popup Builder medma-matix allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through = 1.0.0...

9.8CVSS8.6AI score0.00955EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/11/11 9:1 a.m.7 views

WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Matix Popup Builder versions = 1.0.0...

9.8CVSS7AI score0.00955EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2024/10/29 8:38 a.m.27 views

CVE-2024-50476 WordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular spendino allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through = 1.0.1...

9.8CVSS0.01219EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/29 8:33 a.m.27 views

CVE-2024-50490 WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through = 1.0.2...

9.8CVSS0.00955EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/29 8:33 a.m.23 views

CVE-2024-50490 WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through = 1.0.2...

9.8CVSS5.9AI score0.00955EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/10/25 8:22 a.m.5 views

WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin PegaPoll versions = 1.0.2...

9.8CVSS7AI score0.00955EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2024/10/25 7:37 a.m.5 views

WordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin GRÜN spendino Spendenformular versions = 1.0.1...

9.8CVSS7AI score0.01219EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2024/10/25 7:34 a.m.6 views

WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Signup Page versions = 1.0...

9.8CVSS6.9AI score0.01219EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2024/10/16 6:43 a.m.28 views

CVE-2021-4445 Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update

The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the padismissadminnotice AJAX action. This makes it possible for authenticated subscriber+ attackers to...

6.5CVSS0.00385EPSS
Exploits1References5
OSV
OSV
added 2024/06/20 2:15 a.m.3 views

CVE-2023-3204

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companiondisablepopup function called via an AJAX action. This makes it possible for authenticated attackers, with...

6.5CVSS5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2024/06/09 12:2 p.m.20 views

CVE-2024-33564 WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability

Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8...

8.8CVSS0.00323EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/09 12:2 p.m.18 views

CVE-2024-33564 WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability

Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8...

8.8CVSS6.9AI score0.00323EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/04 12:0 a.m.4 views

WordPress Plugin ConvertPlug 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.5AI score0.00368EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/03 11:15 a.m.4 views

WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin EAN for WooCommerce versions = 4.8.9...

7.2CVSS7AI score0.01095EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/25 1:31 p.m.4 views

WordPress Instant Images plugin <= 6.1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Instant Images versions = 6.1.0...

7.2CVSS7AI score0.00512EPSS
Exploits0Affected Software1
Rows per page
Query Builder