Lucene search
+L

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-47267

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00503EPSS
Exploits0References9
OSV
OSV
added 2024/06/22 12:15 a.m.6 views

CVE-2024-6120

The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access...

6.5CVSS5.8AI score0.00503EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/06/22 12:0 a.m.2 views

WordPress plugin Sparkle Demo Importer security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS6.6AI score0.00503EPSS
Exploits0References10
CVE
CVE
added 2024/06/21 11:33 p.m.62 views

CVE-2024-6120

CVE-2024-6120 affects the WordPress plugin Sparkle Demo Importer. Public details in connected docs confirm: all versions up to 1.4.7 are vulnerable due to a missing capability check in multiple functions, enabling authenticated attackers with Subscriber-level access (and above) to perform a destr...

6.5CVSS6.5AI score0.00503EPSS
Exploits0References9Affected Software1
Patchstack
Patchstack
added 2024/06/21 1:24 p.m.6 views

WordPress Sparkle Demo Importer plugin <= 1.4.7 - Authenticated Post/Pages/Attachements Deletion and Demo Data Import vulnerability

Authenticated Post/Pages/Attachements Deletion and Demo Data Import vulnerability discovered by Lucio Sá in WordPress Plugin Sparkle Demo Importer versions = 1.4.7...

6.5CVSS7AI score0.00503EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/21 12:0 a.m.12 views

WordPress Sparkle Demo Importer Plugin <= 1.4.7 is vulnerable to Broken Access Control

Software Sparkle Demo Importer Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6120 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 65191ad4a953 Credits Lucio Sá Required...

6.5CVSS6.8AI score0.00503EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder