Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-11890

Malware in sbrugna...

5.3CVSS5.3AI score0.00519EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-24079

Malicious code in bioql PyPI...

6.5CVSS7.5AI score0.00609EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/06/13 3:41 a.m.14 views

CVE-2025-5282 WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...

7.5CVSS0.0026EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:48 p.m.13 views

CVE-2022-4239

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

6.5CVSS6.9AI score0.00593EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/05/12 12:0 a.m.5 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS, which arises from the possibility that call logs may still...

7.1CVSS6.2AI score0.00337EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/26 5:34 a.m.22 views

CVE-2025-3915 Aeropage Sync for Airtable <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.0027EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/04 9:22 a.m.25 views

CVE-2025-0958 Ultimate WordPress Auction Plugin <= 4.2.9 - Missing Authorization to Arbitrary Post Deletion

The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 4.2.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary auctions, posts as well as...

5.4CVSS0.00332EPSS
Exploits0References5
CVE
CVE
added 2025/03/04 9:22 a.m.73 views

CVE-2025-0958

CVE-2025-0958 concerns the Ultimate WordPress Auction Plugin (

6.3CVSS5.5AI score0.00332EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2025/02/12 9:46 p.m.4 views

WordPress Read More & Accordion plugin <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary 'Read More' Post Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary 'Read More' Post Deletion vulnerability discovered by theviper17y in WordPress Plugin Read More & Accordion versions = 3.4.2...

4.3CVSS7AI score0.0031EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/24 11:15 p.m.13 views

Cross site request forgery (csrf)

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery CSRF via the component anchor/routes/posts.php. This vulnerability allows attackers to arbitrarily delete posts...

3.5CVSS4.9AI score0.00395EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/11/05 7:44 p.m.8 views

CVE-2021-42359 WP DSGVO Tools (GDPR) <= 3.1.23 Unauthenticated Arbitrary Post Deletion

WP DSGVO Tools GDPR = 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe‘, which lacked a capability check and a nonce check and was available to unauthenticated users, and did not check the post type when deleting unsubscription requests. As such, it was possible for an attacker to permanentl...

7.5CVSS6.9AI score0.0393EPSS
Exploits1References1
NVD
NVD
added 2019/05/21 5:29 p.m.18 views

CVE-2019-12253

my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&deleteposting...

6.5CVSS6.5AI score0.00601EPSS
Exploits1References2
Rows per page
Query Builder