Lucene search
K

11 matches found

NVD
NVD
added 2026/03/06 12:16 a.m.8 views

CVE-2026-2589

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.12 views

PT-2026-23575

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/13 12:9 p.m.4 views

CVE-2025-14159

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS4.8AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/12 11:15 a.m.28 views

CVE-2025-14159 Secure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data Export

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS0.00137EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/12 11:15 a.m.6 views

EUVD-2025-203077

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS4.3AI score0.00137EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/06/02 5:15 p.m.3 views

CVE-2023-28160

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox 111...

6.5CVSS6.7AI score0.00508EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/03/15 12:0 a.m.30 views

CVE-2023-28160

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox 111...

6.5CVSS6.7AI score0.00508EPSS
Exploits0References3
Prion
Prion
added 2022/03/28 6:15 p.m.23 views

Cross site request forgery (csrf)

The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in some files, and write debug data such as user's cookies in a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access t...

6.8CVSS8.7AI score0.00602EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2010/12/29 6:0 p.m.41 views

Design/Logic Flaw

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

2.1CVSS5.9AI score0.00496EPSS
Exploits2References11Affected Software1
Cvelist
Cvelist
added 2010/12/29 5:27 p.m.23 views

CVE-2010-4565

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

6.5AI score0.00496EPSS
Exploits2References11
securityvulns
securityvulns
added 2000/07/14 12:0 a.m.24 views

Дырка в серверных продуктах Netscape

Хэш пароля администрирования содержится в файле открытом на чтение: http://www.server.com/admin-serv/config/admpw...

7.2AI score
Exploits0References1Affected Software4
Rows per page
Query Builder