Lucene search
K

59 matches found

NVD
NVD
added yesterday4 views

CVE-2026-12083

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

8.1CVSS0.00184EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-12083

The CVE-2026-12083 issue affects the Admin and Site Enhancements (ASE) WordPress plugin and the admin-site-enhancements-pro plugin prior to version 8.8.4. The vulnerability arises from missing authentication, authorization, and nonce checks on a role-restoration request handler, enabling unauthen...

8.1CVSS6AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday26 views

CVE-2026-12083 Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

0.00184EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-57625

Unauthenticated Cross Site Scripting XSS in Admin and Site Enhancements ASE Pro = 8.8.5 versions...

9.6CVSS0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.3 views

EUVD-2026-11951

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:55 p.m.3 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS0.00168EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.26 views

CVE-2026-32423 WordPress Admin and Site Enhancements (ASE) plugin <= 8.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS0.00168EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.1 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.8AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/03/13 11:42 a.m.10 views

CVE-2026-32423

The CVE-2026-32423 entry concerns the WordPress Admin and Site Enhancements (ASE) plugin, version

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.4 views

PT-2026-25269

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

WordPress plugin Admin and Site Enhancements (ASE) 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/27 10:30 a.m.6 views

WordPress Admin and Site Enhancements (ASE) plugin <= 8.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Admin and Site Enhancements ASE versions = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/01/20 3:20 p.m.8 views

CVE-2026-0726

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...

8.1CVSS0.00479EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 2:26 p.m.7 views

CVE-2026-0726 Nexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace'

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...

8.1CVSS6.2AI score0.00479EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

WordPress plugin Nexter Extension – Site Enhancements Toolkit code issues and vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.1CVSS6AI score0.00479EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.6 views

CVE-2025-64255

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS6.9AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-202150

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

6.4AI score0.00255EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.6 views

CVE-2025-64255

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS0.00255EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:13 p.m.10 views

CVE-2025-64255

Technical details for CVE-2025-64255 are not provided in the supplied documents. No information on affected versions, root cause, exploit scenarios, or fixes. Monitor for updates from official advisories and connected sources.

2.7CVSS6.5AI score0.00255EPSS
Exploits0References1
Rows per page
Query Builder