Lucene search
K

728 matches found

RedhatCVE
RedhatCVE
added 2025/10/19 6:43 a.m.10 views

CVE-2025-11741

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosqquickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

5.3CVSS6.2AI score0.00306EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/18 9:30 a.m.4 views

EUVD-2025-34981

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosqquickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

5.3CVSS5.7AI score0.00306EPSS
Exploits0References3
NVD
NVD
added 2025/10/18 7:15 a.m.3 views

CVE-2025-11741

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosqquickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

5.3CVSS0.00306EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/18 6:42 a.m.3 views

CVE-2025-11741 WPC Smart Quick View for WooCommerce <= 4.2.5 - Insecure Direct Object Reference to Unauthenticated Private Product Exposure

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosqquickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00306EPSS
Exploits0References2
NVD
NVD
added 2025/10/15 9:15 a.m.8 views

CVE-2025-11701

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00261EPSS
Exploits0References3
CVE
CVE
added 2025/10/15 8:26 a.m.14 views

CVE-2025-11701

CVE-2025-11701 refers to the WordPress plugin Zip Attachments (versions

5.3CVSS5.1AI score0.00261EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/15 8:26 a.m.7 views

CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00261EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/15 8:26 a.m.3 views

CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS5.1AI score0.00261EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/15 12:31 a.m.7 views

WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability

Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Zip Attachments versions = 1.6...

5.3CVSS7AI score0.00261EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.2 views

WordPress plugin Zip Attachments 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.6AI score0.00261EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-0344

Malware in sbrugna...

5CVSS6.4AI score0.0559EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-24813

Malware in sbrugna...

5.3CVSS5.6AI score0.01079EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-1556

Malware in sbrugna...

7.5CVSS6.4AI score0.01864EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-2212

Malware in sbrugna...

5CVSS6.4AI score0.01516EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2297

Malware in sbrugna...

5CVSS6.4AI score0.02709EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-17222

Malware in sbrugna...

9.8CVSS9.5AI score0.03214EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-0852

Malware in sbrugna...

6.8CVSS6.1AI score0.03954EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20232

Malware in sbrugna...

7.5CVSS7.4AI score0.00723EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8300

Malware in sbrugna...

5.7CVSS5.6AI score0.00891EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-7403

Malicious code in bioql PyPI...

6.5CVSS9.2AI score0.00304EPSS
Exploits0References2
Rows per page
Query Builder