Lucene search
K

56 matches found

CVE
CVE
added 2024/04/09 8:15 a.m.63 views

CVE-2024-31367

Technical details for CVE-2024-31367 are not provided in the supplied documents. Current records only note a missing authorization vulnerability affecting PenciDesign Soledad up to version 8.4.2; monitor for official updates, patches, and affected releases.

7.1CVSS5.1AI score0.00428EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/09 8:15 a.m.21 views

CVE-2024-31367 WordPress Soledad theme <= 8.4.2 - Authenticated Broken Access Control vulnerability

Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2...

7.1CVSS7.1AI score0.00428EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.7 views

PT-2024-24012 · Pencidesign · Soledad

Name of the Vulnerable Software and Affected Versions: Soledad versions through 8.4.2 Description: The issue is related to a Missing Authorization vulnerability in PenciDesign Soledad. Recommendations: For Soledad versions through 8.4.2, at the moment, there is no information about a newer versio...

7.1CVSS5.9AI score0.00428EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.7 views

PT-2024-24014 · Pencidesign · Pencidesign Soledad

Name of the Vulnerable Software and Affected Versions: PenciDesign Soledad versions through 8.4.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web application...

5.4CVSS6.1AI score0.00221EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.9 views

PT-2024-24013 · Pencidesign · Pencidesign Soledad

Name of the Vulnerable Software and Affected Versions: PenciDesign Soledad versions through 8.4.2 Description: A Missing Authorization issue affects the software. Recommendations: For versions through 8.4.2, update to a version newer than 8.4.2 to resolve the issue...

6.5CVSS6.3AI score0.00437EPSS
Exploits0References4
OSV
OSV
added 2023/12/21 1:15 p.m.3 views

CVE-2023-49826

Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

9.8CVSS5.8AI score0.00567EPSS
Exploits0References1
NVD
NVD
added 2023/12/21 1:15 p.m.24 views

CVE-2023-49826

Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

9.8CVSS0.00567EPSS
Exploits0References1
Prion
Prion
added 2023/12/21 1:15 p.m.22 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

7.5CVSS7.2AI score0.00567EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/21 12:34 p.m.24 views

CVE-2023-49826 WordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

8.1CVSS7.2AI score0.00567EPSS
Exploits0References1
CVE
CVE
added 2023/12/21 12:34 p.m.104 views

CVE-2023-49826

CVE-2023-49826 corresponds to a deserialization of untrusted data vulnerability in the Soledad WordPress theme (versions up to 8.4.1). Root cause: PHP Object Injection via untrusted data deserialization. Impact: unauthenticated remote code execution/total compromise potential on affected sites. A...

9.8CVSS8.6AI score0.00567EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/20 4:15 p.m.4 views

CVE-2023-49825

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

8.1CVSS5.8AI score0.00528EPSS
Exploits0References1
NVD
NVD
added 2023/12/20 4:15 p.m.14 views

CVE-2023-49825

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

8.5CVSS0.00528EPSS
Exploits0References1
Prion
Prion
added 2023/12/20 4:15 p.m.20 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

5.5CVSS8AI score0.00528EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/20 3:38 p.m.115 views

CVE-2023-49825

CVE-2023-49825 concerns an SQL Injection in the Soledad WordPress Theme (Soledad – Multipurpose, Newspaper, Blog & WooCommerce) by PenciDesign. Affected versions are 8.4.1 and earlier (described as n/a to 8.4.1). Root cause: improper neutralization/escaping of input elements used in SQL queries. ...

8.5CVSS8.6AI score0.00528EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/12/14 3:15 p.m.22 views

CVE-2023-49827

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from...

7.1CVSS0.00393EPSS
Exploits0References1
CVE
CVE
added 2023/12/14 2:32 p.m.77 views

CVE-2023-49827

CVE-2023-49827 affects the Soledad WordPress theme (multipurpose/Soledad) up to version 8.4.1, enabling Reflected XSS due to improper input handling in web page generation. The Red Hat and Patchstack entries corroborate the vulnerability and list 8.4.2 as the fixed version. Recommended remediatio...

7.1CVSS7.1AI score0.00393EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder