Lucene search
K

16 matches found

Patchstack
Patchstack
added 2025/12/18 9:57 p.m.4 views

WordPress Sweet Energy Efficiency plugin <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Graph Deletion vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin Sweet Energy Efficiency versions = 1.0.6...

4.3CVSS6.8AI score0.00202EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/18 1:15 p.m.4 views

CVE-2025-14618

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3CVSS0.00202EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 12:22 p.m.8 views

CVE-2025-14618

CVE-2025-14618 concerns the Sweet Energy Efficiency plugin for WordPress. The description states a missing capability check on the AJAX handler sweet_energy_efficiency_action, affecting all versions up to 1.0.6. This permits authenticated attackers with subscriber-level access and above to read, ...

4.3CVSS4.9AI score0.00202EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 12:22 p.m.23 views

CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3CVSS0.00202EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/18 12:22 p.m.3 views

CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3CVSS4.9AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/18 12:22 p.m.5 views

EUVD-2025-204264

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3CVSS4.8AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin Sweet Energy Efficiency 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.3AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30575

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00118EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.3 views

CVE-2025-58262

Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.3 views

CVE-2025-58262

Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...

7.1CVSS0.00118EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 6:44 p.m.6 views

WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Sweet Energy Efficiency versions = 1.0.8...

7.1CVSS6.8AI score0.00118EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/22 6:23 p.m.1 views

CVE-2025-58262 WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.11 views

CVE-2025-58262 WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...

7.1CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:23 p.m.10 views

CVE-2025-58262

Technical details for CVE-2025-58262 are not publicly available in the provided documents. The initial entry mentions a CSRF issue and Stored XSS in the Sweet Energy Efficiency plugin for WPDirectoryKit (

7.1CVSS5.9AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.3 views

PT-2025-38925

Name of the Vulnerable Software and Affected Versions wpdirectorykit Sweet Energy Efficiency versions through 1.0.6 Description A Cross-Site Request Forgery CSRF issue exists in wpdirectorykit Sweet Energy Efficiency, which also allows Stored Cross-Site Scripting XSS. Recommendations Update...

7.1CVSS5.6AI score0.00118EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.4 views

WordPress plugin Sweet Energy Efficiency 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS6.1AI score0.00118EPSS
Exploits0References1
Rows per page
Query Builder