Lucene search
K

31 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-13250

The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...

5.3CVSS0.00273EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-13250 Solace Extra <= 1.5.3 - Missing Authorization to Unauthenticated Arbitrary Content Deletion via delete_previously_imported AJAX Action

The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...

5.3CVSS0.00273EPSS
Exploits0References8
CVE
CVE
added 4 days ago15 views

CVE-2026-13250

Solace Extra (WordPress) up to version 1.5.3 is affected by an authorization bypass in the delete_previously_imported AJAX action. The issue allows unauthenticated users to permanently delete content imported via the Starter Template (posts, pages, media, WooCommerce products, terms, sitebuilder ...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43141

The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-11724

Malicious code in bioql PyPI...

9.9CVSS8.9AI score0.00379EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-13853

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.4 views

CVE-2025-58203

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.2...

4.4CVSS5.9AI score0.00152EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/27 7:2 p.m.5 views

WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin Solace Extra versions = 1.3.2...

4.4CVSS6.7AI score0.00152EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/27 6:15 p.m.4 views

CVE-2025-58203

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.2...

4.4CVSS0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/27 5:45 p.m.1 views

CVE-2025-58203 WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.2...

4.4CVSS5.9AI score0.00152EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 5:45 p.m.11 views

CVE-2025-58203

CVE-2025-58203 describes a Server-Side Request Forgery (SSRF) in the WordPress plugin Solace Extra (Solace Extra: from n/a through 1.3.2). Connected sources indicate the vulnerability affects versions up to 1.3.2 and that a patch exists (the entry is listed as Patched); no exploit details are pro...

4.4CVSS5.9AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 5:45 p.m.12 views

CVE-2025-58203 WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.2...

4.4CVSS0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/27 12:0 a.m.3 views

WordPress plugin Solace Extra 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

4.4CVSS6.8AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.3 views

PT-2025-34917 · WordPress · Solacewp Solace Extra

Name of the Vulnerable Software and Affected Versions: solacewp Solace Extra versions through 1.3.2 Description: A Server-Side Request Forgery SSRF vulnerability exists in solacewp Solace Extra, allowing Server Side Request Forgery. Recommendations: At the moment, there is no information about a...

4.4CVSS6.3AI score0.00152EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/09 3:25 p.m.10 views

CVE-2025-47464

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.1...

4.9CVSS7.2AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.24 views

CVE-2025-47464

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.1...

4.9CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:19 p.m.6 views

CVE-2025-47464 WordPress Solace Extra <= 1.3.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.1...

4.9CVSS5.2AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:19 p.m.48 views

CVE-2025-47464

CVE-2025-47464: Solace Extra (WordPress) is affected by a Server-Side Request Forgery (SSRF) vulnerability in versions up to 1.3.1. The issue is authenticated (Subscriber+) and has a CVSS v3.1 base score of 4.9 (Medium). Connected sources indicate the vulnerability exists in Solace Extra

4.9CVSS7.2AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:19 p.m.33 views

CVE-2025-47464 WordPress Solace Extra plugin <= 1.3.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through = 1.3.1...

4.9CVSS0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 12:28 p.m.8 views

WordPress Solace Extra plugin <= 1.3.1 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by stealthcopter in WordPress Plugin Solace Extra versions = 1.3.1...

4.9CVSS8.2AI score0.00184EPSS
Exploits0Affected Software1
Rows per page
Query Builder