Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/12 3:46 a.m.6 views

CVE-2025-11988

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 6:30 a.m.4 views

EUVD-2025-60969

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...

5.3CVSS5.4AI score0.00303EPSS
Exploits0References4
NVD
NVD
added 2025/11/11 4:15 a.m.2 views

CVE-2025-11988

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...

5.3CVSS0.00303EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/11 3:30 a.m.1 views

CVE-2025-11988 Crypto Tool <= 2.22 - Missing Authentication to Unauthenticated Limited File Deletion

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...

5.3CVSS5.5AI score0.00303EPSS
Exploits0References3
CVE
CVE
added 2025/11/11 3:30 a.m.12 views

CVE-2025-11988

The CVE-2025-11988 entry concerns the WordPress Crypto Tool plugin (versions

5.3CVSS5.5AI score0.00303EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/11 3:30 a.m.9 views

CVE-2025-11988 Crypto Tool <= 2.22 - Missing Authentication to Unauthenticated Limited File Deletion

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...

5.3CVSS0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.3 views

PT-2025-46267

Name of the Vulnerable Software and Affected Versions Crypto plugin for WordPress versions prior to 2.23 Description The Crypto plugin for WordPress is susceptible to unauthorized data manipulation. This is caused by an unauthenticated AJAX action, wp ajax nopriv crypto connect ajax process, whic...

5.3CVSS6.5AI score0.00303EPSS
Exploits0References5
Rows per page
Query Builder