Lucene search
+L

266 matches found

Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.9 views

PT-2025-48650

Name of the Vulnerable Software and Affected Versions Beaver Builder – WordPress Page Builder plugin versions prior to 2.9.4 Description The Beaver Builder – WordPress Page Builder plugin for WordPress is susceptible to a missing authorization issue. Insufficient capability checks within the REST...

4.3CVSS5.7AI score0.00302EPSS
Exploits0References10
Imperva Blog
Imperva Blog
added 2025/12/01 4:20 p.m.10 views

CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution

At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager product of Oracle Fusion Middleware versions 12.2.1.4.0 and 14.1.2.1.0. Multiple threat actors a...

9.8CVSS8.9AI score0.88312EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/11/20 9:37 p.m.14 views

CVE-2025-12535

The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all versions up to, and including, 1.13.1. This is due to the plugin distributing generic WordPress REST API nonces wprest to unauthenticated users via the 'wpajaxnoprivrest-nonce' action. While the plugin...

5.3CVSS6.2AI score0.00202EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/19 6:45 a.m.13 views

CVE-2025-12535 SureForms <= 1.13.1 - Cross-Site Request Forgery Protection Bypass via Improper Nonce Distribution

The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all versions up to, and including, 1.13.1. This is due to the plugin distributing generic WordPress REST API nonces wprest to unauthenticated users via the 'wpajaxnoprivrest-nonce' action. While the plugin...

5.3CVSS0.00202EPSS
Exploits0References4
OSV
OSV
added 2025/11/12 8:15 p.m.2 views

CVE-2025-27368

IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used by the user interface of OpenPages. An authenticated user is able to obtain certain information about system metadata for areas beyond...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2025/11/12 8:15 p.m.6 views

CVE-2025-27368

IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used by the user interface of OpenPages. An authenticated user is able to obtain certain information about system metadata for areas beyond...

4.3CVSS0.00209EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/11 1:40 p.m.4 views

Security Bulletin: IBM OpenPages Vulnerable to Information Disclosure (CVE-2025-27368)

Summary Application API vulnerability that exposes metadata for configurable fields due to insufficient access control checks in IBM OpenPages has been addressed. Vulnerability Details CVEID:CVE-2025-27368 DESCRIPTION: IBM OpenPages is vulnerable to information disclosure of sensitive information...

4.3CVSS6AI score0.00209EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/11/11 4:15 a.m.6 views

CVE-2025-11894

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.8.1. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

5.3CVSS0.00269EPSS
Exploits0References2
CVE
CVE
added 2025/10/18 6:42 a.m.25 views

CVE-2025-11372

CVE-2025-11372 affects the LearnPress – WordPress LMS Plugin (WordPress) up to and including version 4.2.9.3. The root cause is missing capability checks on Admin Tools REST endpoints, with permission_callback set to __return_true, enabling unauthenticated attackers to perform destructive databas...

6.5CVSS5.2AI score0.00424EPSS
In wildExploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29868

Malware in sbrugna...

9.8CVSS9.2AI score0.03939EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-7002

Malware in sbrugna...

7.5CVSS7.8AI score0.01369EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-9390

Malware in sbrugna...

9.8CVSS9.2AI score0.00782EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-0408

Malware in sbrugna...

4.3CVSS4.7AI score0.00786EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-16196

Malware in sbrugna...

6.5CVSS6.5AI score0.01461EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-10133

Malware in sbrugna...

7.2CVSS6.9AI score0.01343EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-11902

Malware in sbrugna...

8.8CVSS8.8AI score0.02673EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2016-0355

Malware in sbrugna...

4.3CVSS5.2AI score0.0059EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34797

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00496EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-20685

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54330

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00217EPSS
Exploits0References3
Rows per page
Query Builder