226 matches found
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function vulnerability
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated Subscriber+ Account Takeover/Privilege Escalation via idonatedonorpassword Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.1.5-2.1.9...
Drupal Features Module <= 0.0.2 is vulnerable to Broken Access Control
Software Features Type Module Vulnerable versions = 0.0.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2025-12582 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2b7c0646055d Credits Nabil Irawan - Heroes Cyber Security...
WordPress Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin <= 2.3.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by kr0d in WordPress Plugin Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One versions = 2.3.0...
WordPress Discussion Board – WordPress Forum Plugin plugin <= 2.5.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability
Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by Kishan Vyas in WordPress Plugin Discussion Board versions = 2.5.5...
WordPress Classified Pro theme <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Installation vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary plugin Installation vulnerability discovered by István Márton in WordPress Theme ClassifiedPro versions = 1.0.14...
WordPress External Login plugin <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test Connection vulnerability
Authenticated Subscriber+ Sensitive Data Exposure via Test Connection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin External Login versions = 1.11.2...
WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Kishan Vyas in WordPress Plugin Motors versions = 1.4.89...
EUVD-2018-12724
Malware in sbrugna...
WordPress SmartCrawl SEO plugin <= 3.14.3 - Missing Authorization to Plugin Settings Update vulnerability
Missing Authorization to Plugin Settings Update vulnerability discovered by Rafshanzani Suhada in WordPress Plugin SmartCrawl versions = 3.14.3...
WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability
Arbitrary Content Deletion Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Subscription Forms PRO versions = 2.0.5...
WordPress HivePress Claim Listings plugin <= 1.1.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin HivePress Claim Listings versions = 1.1.4...
WordPress Houzez Theme - Functionality Plugin <= 4.1.2 - Broken Access Control Vulnerability
WordPress Houzez Theme - Functionality Plugin = 4.1.2 - Broken Access Control Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Houzez Theme - Functionality versions = 4.1.2...
WordPress Houzez Theme - Functionality Plugin <= 4.1.2 - Arbitrary File Download Vulnerability
WordPress Houzez Theme - Functionality Plugin = 4.1.2 - Arbitrary File Download Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Houzez Theme - Functionality versions = 4.1.2...
WordPress Hide WP Toolbar Plugin <= 2.7 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Hide WP Toolbar versions = 2.7...
WordPress Team Plugin <= 5.0.6 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Team versions = 5.0.6...
WordPress Clariti Plugin <= 1.2.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Clariti versions = 1.2.1...
WordPress DethemeKit For Elementor Plugin <= 2.1.10 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin DethemeKit For Elementor versions = 2.1.10...
WordPress Social Pug Plugin <= 1.35.2 - Sensitive Data Exposure Vulnerability
Sensitive Data Exposure Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Hubbub Lite versions = 1.35.2...
WordPress PilotPress Plugin <= 2.0.36 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin PilotPress versions = 2.0.36...
WordPress Text To Speech TTS Accessibility plugin <= 1.9.30 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin Text To Speech TTS Accessibility versions = 1.9.30...