Lucene search
K

6271 matches found

Vulnrichment
Vulnrichment
added 2024/10/20 10:10 a.m.10 views

CVE-2024-49628 WordPress Most And Least Read Posts Widget plugin <= 2.5.18 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18...

4.3CVSS7AI score0.00195EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/20 10:5 a.m.12 views

CVE-2024-49629 WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7...

7.1CVSS6.8AI score0.00158EPSS
Exploits0References1
CVE
CVE
added 2024/10/20 10:5 a.m.51 views

CVE-2024-49629

CVE-2024-49629 concerns the WordPress plugin Endless Posts Navigation (versions

7.1CVSS5.9AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/20 10:5 a.m.32 views

CVE-2024-49629 WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through = 2.2.7...

7.1CVSS0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/20 12:0 a.m.4 views

PT-2024-33584 · WordPress · Endless Posts Navigation

Name of the Vulnerable Software and Affected Versions: Endless Posts Navigation versions n/a through 2.2.7 Description: A Cross-Site Request Forgery CSRF issue in Endless Posts Navigation allows Stored XSS. This means an attacker can perform actions on behalf of a user without their knowledge,...

7.1CVSS6.9AI score0.00158EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/10/20 12:0 a.m.4 views

WordPress plugin Most And Least Read Posts Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Most And Least...

8.8CVSS6.5AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2024/10/19 7:15 a.m.3 views

CVE-2024-9889

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it possible for authenticated attackers, with contributor-level access and above, to view...

4.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2024/10/19 6:42 a.m.46 views

CVE-2024-9889

CVE-2024-9889 affects ElementInvader Addons for Elementor (WordPress). The vulnerability allows authenticated attackers with contributor-level access and above to perform Sensitive Information Exposure via the Page Loader widget, enabling viewing of private/draft/password-protected posts, pages, ...

4.3CVSS4.7AI score0.00335EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/18 1:2 p.m.6 views

WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Endless Posts Navigation versions = 2.2.7...

7.1CVSS6.2AI score0.00158EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:20 p.m.3 views

WordPress Most And Least Read Posts Widget plugin <= 2.5.18 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Most And Least Read Posts Widget versions = 2.5.18...

8.8CVSS7AI score0.00195EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/18 12:0 a.m.7 views

PT-2024-39915 · WordPress · Elementinvader Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor plugin for WordPress versions up to, and including, 1.2.9 Description: The issue allows authenticated attackers with contributor-level access and above to view private, draft, and password-protected posts,...

4.3CVSS6.2AI score0.00335EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.14 views

WordPress Endless Posts Navigation Plugin <= 2.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Endless Posts Navigation Type Plugin Vulnerable versions = 2.2.7 Fixed in 2.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49629 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c607ad01f6a Credits...

7.1CVSS6.9AI score0.00158EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/10/17 1:15 p.m.10 views

CVE-2024-48031

Cross-Site Request Forgery CSRF vulnerability in sumitsurai Featured Posts with Multiple Custom Groups FPMCG featured-posts-with-multiple-custom-groups-fpmcg allows Cross Site Request Forgery.This issue affects Featured Posts with Multiple Custom Groups FPMCG: from n/a through = 4.0...

6.5CVSS0.00195EPSS
Exploits0References1
NVD
NVD
added 2024/10/17 1:15 p.m.12 views

CVE-2024-48032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sumitsurai Featured Posts with Multiple Custom Groups FPMCG featured-posts-with-multiple-custom-groups-fpmcg allows Reflected XSS.This issue affects Featured Posts with Multiple Custom Groups FPMCG...

7.1CVSS0.00245EPSS
Exploits0References1
OSV
OSV
added 2024/10/17 4:15 a.m.5 views

CVE-2024-7417

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the datafetch. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract data from password protected...

4.3CVSS5.8AI score0.00403EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.5 views

PT-2024-32950 · Unknown · Featured Posts With Multiple Custom Groups

Name of the Vulnerable Software and Affected Versions: Featured Posts with Multiple Custom Groups FPMCG versions n/a through 4.0 Description: This issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. It allows for Reflected XS...

7.1CVSS6.3AI score0.00245EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.4 views

PT-2024-32949 · Unknown · Featured Posts With Multiple Custom Groups

Name of the Vulnerable Software and Affected Versions: Featured Posts with Multiple Custom Groups FPMCG versions n/a through 4.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For versions n/a through 4.0, update ...

6.5CVSS6.7AI score0.00195EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.4 views

WordPress plugin Featured Posts with Multiple Custom Groups 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.5CVSS6.7AI score0.00195EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.4 views

WordPress plugin Featured Posts with Multiple Custom Groups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress...

7.1CVSS6AI score0.00245EPSS
Exploits0References2
Circl
Circl
added 2024/10/16 11:55 p.m.10 views

CVE-2024-44762

creationtimestamp| type| source ---|---|--- 2024-10-16 23:55:21+00:00| seen| https://t.me/cvedetector/8128 2025-04-03 11:24:06+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3llvs2yg6t62t 2025-04-04 21:02:07+00:00| seen|...

5.3CVSS5.5AI score0.02499EPSS
Exploits5References5
Rows per page
Query Builder