Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2025/12/09 2:14 p.m.28 views

CVE-2025-67575 WordPress Sitewide Notice WP plugin <= 2.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Andrew Lima Sitewide Notice WP sitewide-notice-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sitewide Notice WP: from n/a through = 2.4.1...

5.3CVSS0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.4 views

CVE-2025-67575 WordPress Sitewide Notice WP plugin <= 2.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Andrew Lima Sitewide Notice WP sitewide-notice-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sitewide Notice WP: from n/a through = 2.4.1...

6.6AI score0.00288EPSS
Exploits0References1
Prion
Prion
added 2021/08/30 3:15 p.m.14 views

Cross site scripting

The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.8AI score0.00617EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/08/30 2:11 p.m.31 views

CVE-2021-24592 Sitewide Notice WP < 2.3 - Authenticated Stored XSS

The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5.1AI score0.00617EPSS
Exploits2References1
Rows per page
Query Builder