Lucene search
K

8 matches found

EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-43164

The W3 Total Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.4 via the setupSources function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

7.5CVSS6.2AI score
Exploits0References7
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.31 views

CVE-2026-49778 WordPress WPFunnels Pro plugin <= 2.9.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WPFunnels Pro = 2.9.4 versions...

7.1CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/04 6:48 a.m.4 views

CVE-2025-12782 Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...

4.3CVSS5.6AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/10 4:22 a.m.6 views

CVE-2025-8388 PowerPack Lite for Elementor <= 2.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Via 'cursor_url'

The PowerPack Elementor Addons Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursorurl’ parameter in all versions up to, and including, 2.9.4 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.6AI score0.00216EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the block-order parameter of the block function in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend databa...

9.8CVSS6.1AI score0.02162EPSS
Exploits1References4
CNVD
CNVD
added 2020/02/24 12:0 a.m.6 views

wolfSSL buffer overflow vulnerability (CNVD-2020-13495)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A buffer overflow vulnerability exists in wolfSSL CyaSSL versions prior to 2.9.4. The vulnerability stems from a networked system or...

9.8CVSS7.3AI score0.0277EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/24 12:0 a.m.5 views

wolfSSL buffer overflow vulnerability (CNVD-2020-13496)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. wolfSSL A buffer overflow vulnerability exists in the 'DoAlert' function in versions of CyaSSL prior to 2.9.4. The vulnerability stems...

9.8CVSS7.3AI score0.0277EPSS
Exploits0References1
OSV
OSV
added 2016/05/20 10:59 a.m.1 views

DEBIAN-CVE-2016-1838

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS8.6AI score0.06943EPSS
Exploits2References1
Rows per page
Query Builder