CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

55 matches found

Positive Technologies•added 2026/03/24 12:0 a.m.•2 views

PT-2026-27376

Name of the Vulnerable Software and Affected Versions Bootstrapy CMS affected versions not specified Description Multiple SQL injection flaws allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. This can lead to the extraction of...

8.8CVSS6.1AI score0.00121EPSS

Exploits0References5

CNVD•added 2026/03/17 12:0 a.m.•0 views

WordPress Plugin Easy Post Submission Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Easy Post Submission, which stems from ...

7.5CVSS5.6AI score0.00042EPSS

Exploits0

RedhatCVE•added 2026/03/06 7:53 a.m.•2 views

CVE-2026-22479

Missing Authorization vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Post Submission: from n/a through = 2.4.0...

7.5CVSS5.9AI score0.00042EPSS

Exploits0References1

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9590

5.9AI score0.00042EPSS

Exploits0References2

NVD•added 2026/03/05 6:16 a.m.•3 views

CVE-2026-22479

7.5CVSS0.00042EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•28 views

CVE-2026-22479 WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability

7.5CVSS0.00042EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-22479 WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability

7.5CVSS5.9AI score0.00042EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•11 views

CVE-2026-22479

CVE-2026-22479 describes a missing authorization flaw in the WordPress plugin Easy Post Submission (versions up to 2.4.0). The issue is a Broken Access Control vulnerability allowing exploitation of misconfigured access levels, with the CVSSv3.1 base score of 7.5 (HIGH) and an attack vector of NE...

7.5CVSS5.9AI score0.00042EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•3 views

WordPress plugin Easy Post Submission 安全漏洞

7.5CVSS5.7AI score0.00042EPSS

Exploits0References1

Patchstack•added 2026/03/04 12:3 p.m.•3 views

WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Post Submission versions = 2.4.0...

7.5CVSS5.8AI score0.00042EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/02/19 7:28 a.m.•3 views

CVE-2026-1296

The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requestedpage' POST parameter in the verifyusernamepassword function. This makes it possible for unauthenticated...

6.1CVSS5.5AI score0.00387EPSS

Exploits0References1

Vulnrichment•added 2026/02/18 9:25 a.m.•2 views

CVE-2026-2126 User Submitted Posts <= 20260113 - Incorrect Authorization to Unauthenticated Category Restriction Bypass via 'user-submitted-category' Parameter

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 20260113. This is due to the uspgetsubmittedcategory function accepting user-submitted category IDs from the POST body...

5.3CVSS5.7AI score0.00032EPSS

Exploits0References4

CVE•added 2026/02/18 4:35 a.m.•12 views

CVE-2026-1296

CVE-2026-1296: Frontend Post Submission Manager Lite for WordPress is vulnerable to an unauthenticated Open Redirect in all versions up to 1.2.7 due to insufficient validation of the 'requested_page' POST parameter in the verify_username_password function. This allows attackers to induce users to...

6.1CVSS5.5AI score0.00387EPSS

Exploits0References4

Positive Technologies•added 2026/02/18 12:0 a.m.•3 views

PT-2026-20274

Name of the Vulnerable Software and Affected Versions Frontend Post Submission Manager Lite plugin for WordPress versions through 1.2.7 Description The software contains a flaw that allows redirection to potentially malicious sites. This occurs because of inadequate validation of the requested pa...

6.1CVSS5.5AI score0.00387EPSS

Exploits0References6

Positive Technologies•added 2026/02/18 12:0 a.m.•4 views

PT-2026-20377

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 20260113. This is due to the usp get submitted category function accepting user-submitted category IDs from the POST body...

5.3CVSS5.7AI score0.00032EPSS

Exploits0References5

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Frontend Post Submission Manager Lite plugin <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification vulnerability

Missing Authorization to Unauthenticated Arbitrary Post Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Frontend Post Submission Manager Lite versions = 1.2.5...

5.3CVSS5.9AI score0.00124EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/12/27 12:5 a.m.•4 views

CVE-2025-14913

The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to an incorrect authorization check on the 'mediadeleteaction' function in all versions up to, and including, 1.2.6. This makes it possible for...

5.3CVSS6.1AI score0.00037EPSS

Exploits0References1

CVE•added 2025/12/25 11:20 p.m.•12 views

CVE-2025-14913

CVE-2025-14913 affects the Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin. It allows unauthenticated attackers to delete arbitrary attachments due to an incorrect authorization check in the media_delete_action function, affecting all versions up to 1.2.6. CVSS 3.1 base ...

5.3CVSS5.7AI score0.00037EPSS

Exploits0References3

Vulnrichment•added 2025/12/25 11:20 p.m.•2 views

CVE-2025-14913 Frontend Post Submission Manager Lite <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion

5.3CVSS5.7AI score0.00037EPSS

Exploits0References3

Patchstack•added 2025/12/25 11:43 a.m.•4 views

WordPress Frontend Post Submission Manager Lite plugin <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability

Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Frontend Post Submission Manager Lite versions = 1.2.6...

5.3CVSS6.8AI score0.00037EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by