Lucene search
K

728 matches found

Cvelist
Cvelist
added 2024/04/10 4:30 a.m.40 views

CVE-2024-3235 Essential Grid <= 3.1.1 - Unauthenticated Private Post Disclosure

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the onfrontajaxaction function. This makes it possible for unauthenticated attackers to view private and password protected posts that m...

5.3CVSS5.5AI score0.00688EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.5 views

PT-2024-24526 · WordPress · Essential Grid Gallery

Name of the Vulnerable Software and Affected Versions: The Essential Grid Gallery WordPress Plugin versions up to, and including, 3.1.1 Description: The issue allows unauthenticated attackers to view private and password-protected posts that may contain sensitive information. This is possible due...

5.3CVSS6.8AI score0.00688EPSS
Exploits0References4
NVD
NVD
added 2024/04/09 7:15 p.m.15 views

CVE-2024-2093

The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content...

6.5CVSS6.4AI score0.00678EPSS
Exploits1References3
NVD
NVD
added 2024/04/09 7:15 p.m.10 views

CVE-2024-1984

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

5.3CVSS5.2AI score0.00523EPSS
Exploits0References2
OSV
OSV
added 2024/04/09 7:15 p.m.7 views

AZL-43177 CVE-2024-1984 affecting package graphene 1.10.4-3

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

5.3CVSS5.7AI score0.00523EPSS
Exploits0References1
OSV
OSV
added 2024/04/09 7:15 p.m.6 views

AZL-43182 CVE-2024-1984 affecting package graphene 1.10.8-1

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

5.3CVSS5.7AI score0.00523EPSS
Exploits0References1
NVD
NVD
added 2024/04/09 7:15 p.m.12 views

CVE-2024-1641

The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'accordionsduplicatepostasdraft' function in all versions up to, and including, 2.2.96. This makes it possible for authenticated attackers, with...

5.4CVSS5.2AI score0.00481EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:59 p.m.16 views

CVE-2024-2093

The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content...

6.5CVSS7.2AI score0.00678EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.18 views

CVE-2024-1984 Graphene <= 2.9.2 - Missing Authorization

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

5.3CVSS5.5AI score0.00523EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/09 6:58 p.m.19 views

CVE-2024-1641 Accordion <= 2.2.96 - Missing Authorization to Authenticated(Contributor+) Post Duplication

The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'accordionsduplicatepostasdraft' function in all versions up to, and including, 2.2.96. This makes it possible for authenticated attackers, with...

5.4CVSS5.4AI score0.00481EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

WordPress Theme Graphene 安全漏洞

WordPress is a blogging platform developed in the PHP language by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress Theme Graphene 2.9.2 and earlier versions,...

5.3CVSS8.7AI score0.00523EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.6 views

PT-2024-18189 · WordPress · Accordion

Name of the Vulnerable Software and Affected Versions: Accordion plugin for WordPress versions up to and including 2.2.96 Description: The issue allows authenticated attackers with contributor access and above to access and modify data due to a missing capability check on the accordions duplicate...

5.4CVSS9.3AI score0.00481EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.6 views

PT-2024-18472 · WordPress · Graphene

Name of the Vulnerable Software and Affected Versions: The Graphene theme for WordPress versions up to, and including, 2.9.2 Description: The issue allows unauthorized access to data via a meta tag, making it possible for unauthenticated individuals to obtain post contents of password-protected...

5.3CVSS9.4AI score0.00523EPSS
Exploits0References5
OSV
OSV
added 2024/04/06 4:15 a.m.4 views

CVE-2024-2950

The BoldGrid Easy SEO – Simple and Effective SEO plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.14 via meta information og:description This makes it possible for unauthenticated attackers to view the first 130 characters of a password protecte...

5.3CVSS5.8AI score0.00508EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/06 3:24 a.m.23 views

CVE-2024-2950 BoldGrid Easy SEO – Simple and Effective SEO <= 1.6.14 - Information Exposure

The BoldGrid Easy SEO – Simple and Effective SEO plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.14 via meta information og:description This makes it possible for unauthenticated attackers to view the first 130 characters of a password protecte...

5.3CVSS5.4AI score0.00508EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.8 views

PT-2024-22926 · Boldgrid · Boldgrid Easy Seo

Name of the Vulnerable Software and Affected Versions: The BoldGrid Easy SEO plugin for WordPress versions up to, and including, 1.6.14 Description: The issue allows unauthenticated attackers to view the first 130 characters of a password-protected post, which can contain sensitive information, v...

5.3CVSS9.5AI score0.00508EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/04/01 8:30 a.m.6 views

WordPress Hubbub Lite plugin < 1.33.1 - Unauthenticated Password Protected Posts Access vulnerability

Unauthenticated Password Protected Posts Access vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Hubbub Lite versions 1.33.1...

5.3CVSS7AI score0.00516EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/04/01 5:15 a.m.5 views

CVE-2024-1526

The Hubbub Lite WordPress plugin before 1.33.1 does not ensure that user have access to password protected post before displaying its content in a meta tag...

5.3CVSS5.8AI score0.00516EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/01 5:0 a.m.15 views

CVE-2024-1526 Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access

The Hubbub Lite WordPress plugin before 1.33.1 does not ensure that user have access to password protected post before displaying its content in a meta tag...

6.8AI score0.00516EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.21 views

VK All in One Expansion Unit < 9.96.0.0 - Unauthenticated Password Protected Content Access

Description The plugin is vulnerable to Sensitive Information Exposure via social meta tags, allowing unauthenticated attackers to view limited password protected content...

6.5CVSS7.2AI score0.00678EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder