Lucene search
K

779 matches found

RedhatCVE
RedhatCVE
added 2026/02/18 7:30 p.m.4 views

CVE-2022-41650

Missing Authorization vulnerability in Paul Custom Content by Country by Shield Security custom-content-by-country.This issue affects Custom Content by Country by Shield Security: from n/a through 3.1.2...

6.5CVSS5.2AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 3:16 p.m.3 views

CVE-2022-41650

Missing Authorization vulnerability in Paul Custom Content by Country by Shield Security custom-content-by-country.This issue affects Custom Content by Country by Shield Security: from n/a through 3.1.2...

6.5CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 2:56 p.m.31 views

CVE-2022-41650 WordPress Custom Content by Country plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Paul Custom Content by Country by Shield Security custom-content-by-country.This issue affects Custom Content by Country by Shield Security: from n/a through 3.1.2...

6.5CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 2:56 p.m.9 views

CVE-2022-41650

CVE-2022-41650 concerns the WordPress plugin “Custom Content by Country” (by Shield Security) with versions through 3.1.2. The Red Hat/NVD/CVE listings, and PT Security enrichment, describe a Missing Authorization vulnerability (Broken Access Control) enabling unauthorized access. The core issue ...

6.5CVSS5.2AI score0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.8 views

PT-2026-20208

Name of the Vulnerable Software and Affected Versions Custom Content by Country by Shield Security versions through 3.1.2 Description A missing authorization issue exists in Custom Content by Country by Shield Security. The issue allows unauthorized access. Recommendations Update Custom Content b...

6.5CVSS5.4AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.7 views

WordPress plugin Custom Content by Country (by Shield Security) 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/08 12:6 a.m.190 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Iolo System_Shield

VulnDrivers-n-LOLDrivers-POCs List of POCs I have done for som...

10CVSS8.4AI score0.18451EPSS
Exploits8
Microsoft Secure
Microsoft Secure
added 2026/02/05 5:0 p.m.4 views

The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD

Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happenin...

6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/02/05 5:0 p.m.5 views

The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD

Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happenin...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/17 5:22 a.m.17 views

CVE-2025-15370

The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...

4.3CVSS5.7AI score0.00242EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 5:16 a.m.4 views

CVE-2025-15370

The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...

4.3CVSS0.00242EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/16 4:44 a.m.2 views

CVE-2025-15370

The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...

4.3CVSS5.5AI score0.00242EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/16 4:44 a.m.2 views

CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator

The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...

4.3CVSS5.3AI score0.00242EPSS
Exploits0References3
CVE
CVE
added 2026/01/16 4:44 a.m.17 views

CVE-2025-15370

CVE-2025-15370 affects Shield: Blocks Bots, Protects Users, and Prevents Security Breaches (WordPress Shield Security plugin) up to version 21.0.9. The issue is an Insecure Direct Object Reference via MfaGoogleAuthToggle that allows authenticated attackers with Subscriber-level access and above t...

4.3CVSS5.3AI score0.00242EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.7 views

PT-2026-3215

The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...

4.3CVSS5.7AI score0.00242EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.4 views

WordPress Plugin Shield: Blocks Bots, Protects Users, and Prevents Security Breaches

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00242EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/15 11:9 p.m.9 views

WordPress Shield Security plugin <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Disable Google Authenticator vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Shield Security versions = 21.0.9...

4.3CVSS7AI score0.00242EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.10 views

CVE-2022-0211

The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS6AI score0.00588EPSS
Exploits2References1
EUVD
EUVD
added 2025/12/02 3:30 p.m.4 views

EUVD-2025-200256

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...

6.6AI score0.00253EPSS
Exploits1References3
NVD
NVD
added 2025/12/02 3:15 p.m.4 views

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

6.8CVSS0.00253EPSS
Exploits1References2
Rows per page
Query Builder