Lucene search
+L

84 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-48004

Malicious code in bioql PyPI...

7.2CVSS7AI score0.00577EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29321

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00359EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-51767

Malicious code in bioql PyPI...

7.5CVSS7.9AI score0.01009EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/23 10:14 a.m.10 views

CVE-2024-31432

Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8...

5.3CVSS5.2AI score0.00359EPSS
Exploits0References1
patchstack
patchstack
added 2025/01/27 10:57 p.m.7 views

WordPress Restrict Content plugin <= 3.2.13 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Restrict Content versions = 3.2.13...

7.5CVSS6.9AI score0.00439EPSS
Exploits0References1Affected Software1
osv
osv
added 2025/01/26 7:15 a.m.3 views

CVE-2024-11090

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have bee...

7.5CVSS7.3AI score0.00439EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/01/26 12:0 a.m.3 views

WordPress plugin Membership Plugin – Restrict Content 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An information disclosure vulnerabili...

7.5CVSS8AI score0.00439EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/01/26 12:0 a.m.8 views

PT-2025-1619 · WordPress · Membership Plugin – Restrict Content

Name of the Vulnerable Software and Affected Versions: The Membership Plugin – Restrict Content plugin for WordPress versions up to, and including, 3.2.13 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as...

7.5CVSS6.9AI score0.00439EPSS
Exploits0References11
githubexploit
githubexploit
added 2025/01/01 10:42 p.m.167 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Liquidweb Restrict_Content

CVE-2023-47668 Description Exposure of Sensitive Informati...

7.5CVSS7.8AI score0.01009EPSS
Exploits2
nvd
nvd
added 2024/04/15 10:15 a.m.19 views

CVE-2024-31432

Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8...

5.3CVSS5.3AI score0.00359EPSS
Exploits0References1
cve
cve
added 2024/04/15 9:31 a.m.55 views

CVE-2024-31432

CVE-2024-31432 is a Missing Authorization vulnerability in the StellarWP Restrict Content plugin for WordPress, affecting versions up to 3.2.8. From the provided documents, exploitation details are not disclosed, but the issue allows unauthorized access to restricted content. Remediation, per the...

5.3CVSS5.2AI score0.00359EPSS
Exploits0References1
patchstack
patchstack
added 2024/04/10 9:40 a.m.7 views

WordPress Restrict Content plugin <= 3.2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Restrict Content versions = 3.2.8...

5.3CVSS7AI score0.00359EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/04/10 12:0 a.m.13 views

WordPress Restrict Content Plugin <= 3.2.8 is vulnerable to Broken Access Control

Software Restrict Content Type Plugin Vulnerable versions = 3.2.8 Fixed in 3.2.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31432 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 602787f07d5a Credits Dhabaleshwar Das Required...

5.3CVSS6.6AI score0.00359EPSS
Exploits0References2Affected Software1
prion
prion
added 2024/03/13 4:15 p.m.27 views

Cross site scripting

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 4.15.1 due to insufficient input sanitizati...

5.5CVSS5.9AI score0.00563EPSS
Exploits0References3
prion
prion
added 2024/03/13 4:15 p.m.19 views

Cross site scripting

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's reg-select-role shortcode in all versions up to, and including, 4.15.0 due to insufficient...

5.5CVSS6.1AI score0.00443EPSS
Exploits0References2
cve
cve
added 2024/03/13 3:26 p.m.52 views

CVE-2024-1535

ProfilePress WordPress plugin (formerly named ProfilePress/Restrict Content) is affected by CVE-2024-1535. According to the sources, versions up to 4.15.2 are vulnerable to stored cross-site scripting via the plugin’s shortcodes due to insufficient input sanitization and output escaping on user-s...

6.4CVSS6AI score0.00573EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2024/02/29 1:43 a.m.20 views

CVE-2024-1408

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edit-profile-text-box shortcode in all versions up to, and including, 4.14.4 due to...

6.4CVSS5.7AI score0.00598EPSS
Exploits0References3
prion
prion
added 2024/02/29 1:43 a.m.36 views

Cross site scripting

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 4.14.4 due to insufficient input sanitization...

6.4CVSS6.4AI score0.00572EPSS
Exploits0References3
prion
prion
added 2024/02/29 1:43 a.m.32 views

Cross site scripting

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's login-password shortcode in all versions up to, and including, 4.14.4 due to insufficient...

5.5CVSS6.1AI score0.00483EPSS
Exploits0References3
cve
cve
added 2024/02/20 6:56 p.m.72 views

CVE-2024-1570

Affected software: ProfilePress (WordPress plugin) ≤ 4.14.4. Vulnerability: Stored Cross-Site Scripting via the login-password shortcode caused by insufficient input sanitization and output escaping on user-supplied attributes. Impact: Authenticated attackers with contributor-level permissions (o...

6.4CVSS6AI score0.00483EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder