39 matches found
WordPress Salient Core plugin <= 2.0.7 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability
Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by István Márton - Wordfence in WordPress Plugin Salient Core versions = 2.0.7...
CVE-2025-59001
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through = 3.0.8...
EUVD-2025-203615
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through = 3.0.8...
CVE-2025-59001
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through = 3.0.8...
CVE-2025-59001 WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through = 3.0.8...
CVE-2025-59001 WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through = 3.0.8...
CVE-2025-59001
The CVE-2025-59001 is a Missing Authorization vulnerability in ThemeNectar Salient Core (WordPress plugin) affecting Salient Core up to version 3.0.8. The issue stems from incorrectly configured access control security levels, enabling unauthorized access due to insufficient privilege checks. Pub...
PT-2025-51383
Name of the Vulnerable Software and Affected Versions ThemeNectar Salient Core versions through 3.0.8 Description An authorization issue exists in ThemeNectar Salient Core, allowing exploitation of incorrectly configured access control security levels. Recommendations Update ThemeNectar Salient...
WordPress plugin Salient Core 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Salient Core versions = 3.0.8...
EUVD-2023-52782
Malicious code in bioql PyPI...
EUVD-2024-32384
Malicious code in bioql PyPI...
EUVD-2023-52781
Malicious code in bioql PyPI...
CVE-2023-48749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0.2...
CVE-2023-48748
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Reflected XSS.This issue affects Salient Core: from n/a through 2.0.2...
CVE-2024-3812
The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...
CVE-2024-3812
The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...
CVE-2024-3812 Salient Core <= 2.0.7 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...
CVE-2024-3812
CVE-2024-3812 affects Salient Core for WordPress up to version 2.0.7, enabling Local File Inclusion via the nectar_icon shortcode (icon_linea attribute). Exploitation requires authenticated access at contributor level or higher, potentially allowing arbitrary PHP file execution and data access. P...
CVE-2024-3812 Salient Core <= 2.0.7 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...