Lucene search
K

729 matches found

HackRead
HackRead
added 2026/02/17 11:12 a.m.5 views

How to Securely Edit and Redact Sensitive PDFs: A Cybersecurity Guide

PDF security guide covering redaction, metadata risks, compliance standards, and safe editing of password-protected files to prevent data leaks...

5.5AI score
Exploits0
CVE
CVE
added 2026/02/11 1:23 a.m.8 views

CVE-2025-15524

CVE-2025-15524 affects the WordPress plugin Gallery by FooGallery (versions up to and including 3.1.9). A missing capability check in ajax_get_gallery_info() allows authenticated users with Subscriber-level access and above to enumerate gallery IDs and retrieve private/draft/password-protected ga...

4.3CVSS5.5AI score0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.5 views

CVE-2026-0950

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS5.4AI score0.00346EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.64 views

The Events Calendar <= 6.15.2 - Information Disclosure

The Events Calendar WordPress plugin = 6.15.2 contains an information disclosure vulnerability caused by REST endpoint exposure, letting unauthenticated attackers extract data about password-protected vendors or venues, exploit requires no authentication. id: CVE-2025-9808 info: name: The Events...

5.3CVSS6.2AI score0.00771EPSS
Exploits0References5
NVD
NVD
added 2026/02/03 6:15 a.m.7 views

CVE-2026-0950

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS0.00346EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/02/03 5:30 a.m.5 views

CVE-2026-0950 Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS5.4AI score0.00346EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/02/03 5:30 a.m.27 views

CVE-2026-0950 Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS0.00346EPSS
Exploits0References10
EUVD
EUVD
added 2026/02/03 5:30 a.m.10 views

EUVD-2026-5268

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS5.4AI score0.00346EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/02/03 5:30 a.m.5 views

CVE-2026-0950

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check postpasswordrequired before rendering post excerpts in the renderexcerpt...

5.3CVSS5.4AI score0.00346EPSS
Exploits0References11
CVE
CVE
added 2026/02/03 5:30 a.m.19 views

CVE-2026-0950

The CVE-2026-0950 affects the Spectra Gutenberg Blocks – Website Builder for the Block Editor WordPress plugin. All versions up to 2.19.17 are reported vulnerable to Information Disclosure due to failing to check post_password_required() before rendering post excerpts in render_excerpt() and in u...

5.3CVSS5.4AI score0.00346EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/01/26 3:12 a.m.18 views

CVE-2025-6461

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...

4.3CVSS5.6AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/01/25 3:15 a.m.6 views

CVE-2025-6461

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...

4.3CVSS0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/01/25 2:22 a.m.12 views

CVE-2025-6461

CVE-2025-6461 affects the CubeWP Framework (WordPress) and is due to Information Exposure via the search functionality in class-cubewp-search-ajax-hooks.php. It applies to all versions up to and including 1.1.27, enabling unauthenticated attackers to retrieve data from password-protected, private...

4.3CVSS5.6AI score0.00196EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/25 2:22 a.m.4 views

CVE-2025-6461 CubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/17 7:27 a.m.4 views

CVE-2025-12129

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the /cubewp-posts/v1/query-new and /cubewp-posts/v1/query REST API endpoints due to insufficient restrictions on which posts can be include...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/17 7:27 a.m.6 views

EUVD-2026-3147

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the /cubewp-posts/v1/query-new and /cubewp-posts/v1/query REST API endpoints due to insufficient restrictions on which posts can be include...

5.3CVSS5.7AI score0.00219EPSS
Exploits0References3
CVE
CVE
added 2026/01/17 7:27 a.m.22 views

CVE-2025-12129

CVE-2025-12129 affects the CubeWP – All-in-One Dynamic Content Framework WordPress plugin (versions up to and including 1.1.27). Unauthenticated attackers can exfiltrate data from password-protected, private, or draft posts via the REST endpoints /cubewp-posts/v1/query-new and /cubewp-posts/v1/qu...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.9 views

PT-2026-3353

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the /cubewp-posts/v1/query-new and /cubewp-posts/v1/query REST API endpoints due to insufficient restrictions on which posts can be include...

5.3CVSS6.2AI score0.00219EPSS
Exploits0References3
NVD
NVD
added 2026/01/16 5:16 a.m.11 views

CVE-2025-15527

The WP Recipe Maker plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 10.2.2 via the apigetpostsummary function due to insufficient restrictions on which posts can be retrieved. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS0.00319EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/01/16 4:44 a.m.3 views

CVE-2025-15527

The WP Recipe Maker plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 10.2.2 via the apigetpostsummary function due to insufficient restrictions on which posts can be retrieved. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS5.5AI score0.00319EPSS
Exploits0References6
Rows per page
Query Builder