Lucene search
K

11 matches found

CNNVD
CNNVD
added 2026/06/06 12:0 a.m.16 views

WordPress plugin SEO Plugin by Squirrly SEO 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00296EPSS
Exploits0References15
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

WordPress plugin Kirki – Freeform Page Builder, Website Builder & Customizer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00404EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 10:7 a.m.28 views

CVE-2026-24096 Insufficient permission validation on multiple REST API Quick Setup endpoints

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

5.3CVSS0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 8:19 p.m.2 views

CVE-2026-26230 Team Admin Privilege Escalation to Demote Members to Guest

Mattermost versions 10.11.x = 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Mattermost Advisory ID: MMSA-2025-00531...

3.8CVSS5.8AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

WordPress plugin WaMate Confirm – Order Confirmation 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/11/18 3:11 p.m.4 views

CVE-2025-58122 Insufficient permission validation when configuring notification parameters

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure...

5.3CVSS6.1AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/16 8:10 a.m.9 views

CVE-2025-41443 Guest user can discover active public channels

Mattermost versions 10.5.x = 10.5.12, 10.11.x = 10.11.2 fail to properly validate guest user permissions when accessing channel information which allows guest users to discover active public channels and their metadata via the /api/v4/teams/teamid/channels/ids endpoint...

4.3CVSS0.00287EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.6 views

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from a lack of permission validation, which could lead to the addition of playlists to other users' channels via th...

5.3CVSS6.5AI score0.00333EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.6 views

PT-2023-29693 · Xmlsoft · Mlsoft Tco!Stream

Name of the Vulnerable Software and Affected Versions: MLSoft TCO!stream versions 8.0.22.1115 and below Description: A vulnerability exists in MLSoft TCO!stream due to insufficient permission validation, allowing an attacker to make the victim download and execute arbitrary files. Recommendations...

9.8CVSS9.5AI score0.00268EPSS
Exploits0References6
CNVD
CNVD
added 2020/09/30 12:0 a.m.4 views

GitLab Authorization Issues Vulnerability (CNVD-2020-57832)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

7.2CVSS6.7AI score0.0115EPSS
Exploits1References1
OSV
OSV
added 2017/04/29 12:59 a.m.6 views

CVE-2017-7644

The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, and 7.1.x before 7.1.9 allows remote authenticated users to obtain sensitive information by leveraging incorrect permission validation, aka PAN-SA-2017-0013 and PAN-70541...

6.5CVSS7.3AI score0.0102EPSS
Exploits0References1
Rows per page
Query Builder