Lucene search
K

225 matches found

Patchstack
Patchstack
added 2025/12/21 10:43 a.m.6 views

WordPress PostX plugin <= 5.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Doan Dinh Van in WordPress Plugin PostX versions = 5.0.3...

7.5CVSS7AI score0.00201EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/21 2:20 a.m.3 views

CVE-2025-12980 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS5.1AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 2025/12/21 2:20 a.m.26 views

CVE-2025-12980

CVE-2025-12980 affects the WordPress plugin Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX . The vulnerability is a Missing Authorization to Unauthenticated Sensitive Information Exposure via the REST endpoint /ultp/v2/get_dynamic_content/ in all versions up to 5.0.3, enabl...

7.5CVSS5.1AI score0.00277EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/21 12:0 a.m.6 views

WordPress plugin Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Post...

7.5CVSS6.4AI score0.00277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/21 12:0 a.m.10 views

PT-2025-52571

Name of the Vulnerable Software and Affected Versions PostX plugin for WordPress versions up to and including 5.0.3 Description The PostX plugin for WordPress is affected by a flaw that allows unauthorized access to data. A missing capability check on the /ultp/v2/get dynamic content/ REST API...

7.5CVSS6.1AI score0.00277EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.4 views

CVE-2025-54751

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 4.1.36...

7.1CVSS7AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.5 views

CVE-2025-55707

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

7.2CVSS7AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:30 a.m.5 views

EUVD-2025-204196

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 4.1.36...

7.1CVSS6.5AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/18 9:30 a.m.2 views

EUVD-2025-204195

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

7.2CVSS6.5AI score0.0034EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 8:15 a.m.5 views

CVE-2025-55707

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

7.2CVSS0.0034EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:15 a.m.5 views

CVE-2025-54751

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 4.1.36...

7.1CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.22 views

CVE-2025-54751 WordPress PostX plugin <= 4.1.36 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 4.1.36...

7.1CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.3 views

CVE-2025-54751 WordPress PostX plugin <= 4.1.36 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 4.1.36...

6.6AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.23 views

CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

7.2CVSS0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:21 a.m.11 views

CVE-2025-54751

Summary: CVE-2025-54751 is a missing authorization / broken access control vulnerability in WPXPO PostX ultimate-post, affecting PostX versions up to 4.1.36. The issue arises from incorrectly configured access control security levels within the PostX plugin, enabling unauthorized access due to in...

7.1CVSS6.6AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.2 views

CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

6.6AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:21 a.m.14 views

CVE-2025-55707

CVE-2025-55707 affects the WordPress PostX plugin (WPXPO PostX ultimate-post) with privilege escalation due to incorrect privilege assignment in versions up to 4.1.35. Multiple sources corroborate the vulnerability and indicate remediation is to update PostX to a version later than 4.1.35. The Re...

7.2CVSS6.6AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin PostX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.1CVSS6.6AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52050

Name of the Vulnerable Software and Affected Versions PostX versions through 4.1.36 Description An authorization issue exists in WPXPO PostX ultimate-post due to incorrectly configured access control security levels. This allows exploitation of the system. Recommendations Update PostX to a versio...

7.1CVSS6.5AI score0.00211EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52051

Name of the Vulnerable Software and Affected Versions PostX versions through 4.1.35 Description An incorrect privilege assignment exists in WPXPO PostX ultimate-post, potentially allowing privilege escalation. Recommendations Update PostX to a version later than 4.1.35...

7.2CVSS6.7AI score0.0034EPSS
Exploits0References3
Rows per page
Query Builder