Lucene search
K

46 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.7 views

WordPress Course Booking System plugin <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export vulnerability

Missing Authorization to Unauthenticated Booking Data Export vulnerability discovered by Powpy in WordPress Plugin Course Booking System versions = 6.1.5...

5.3CVSS5.9AI score0.00233EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/12 11:15 a.m.7 views

EUVD-2025-203077

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS4.3AI score0.00137EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/02 4:37 a.m.8 views

CVE-2025-13606 Export All Posts, Products, Orders, Refunds & Users <= 2.19 - Cross-Site Request Forgery to Sensitive Information Exposure

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.19. This is due to missing or incorrect nonce validation on the parseData function. This makes it possible for unauthenticated attackers...

6.5CVSS0.00138EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/26 7:58 a.m.13 views

CVE-2025-13414

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdashwatchforexport function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business...

5.3CVSS5.3AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 7:28 a.m.9 views

EUVD-2025-199583

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdashwatchforexport function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business...

5.3CVSS4.9AI score0.0024EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/25 7:28 a.m.6 views

CVE-2025-13414 Chamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information Export

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdashwatchforexport function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business...

5.3CVSS4.9AI score0.0024EPSS
Exploits0References3
CVE
CVE
added 2025/11/25 7:28 a.m.19 views

CVE-2025-13414

CVE-2025-13414 affects the Chamber Dashboard Business Directory plugin for WordPress. The vulnerability arises from a missing capability check on the export function (cdash_watch_for_export), enabling unauthenticated attackers to export sensitive business-directory data. All versions up to and in...

5.3CVSS5AI score0.0024EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/25 7:28 a.m.8 views

CVE-2025-13414 Chamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information Export

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdashwatchforexport function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business...

5.3CVSS0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/22 6:31 a.m.5 views

EUVD-2025-35354

The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address...

5.3CVSS6.4AI score0.00224EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/22 6:0 a.m.13 views

CVE-2025-10638 NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export

The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address...

0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.6 views

WordPress plugin NS Maintenance Mode for WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

5.3CVSS6.6AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-34180

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00588EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:49 p.m.5 views

CVE-2021-4353

The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthenticated settings export in versions up to, and including, 2.4.1. This is due to missing authorization on the export function which makes makes it possible for unauthenticated attackers to export the plugin...

5.3CVSS5.9AI score0.00588EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/02/28 11:18 p.m.5 views

WordPress IP2Location Redirection plugin <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export vulnerability

Missing Authorization to Unauthenticated Settings Export vulnerability discovered by Krzysztof Zając in WordPress Plugin IP2Location Redirection versions = 1.33.3...

5.3CVSS7AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/30 7:41 a.m.5 views

WordPress Safe Ai Malware Protection for WP plugin <= 1.0.17 - Missing Authorization to Unauthenticated Database Export vulnerability

Missing Authorization to Unauthenticated Database Export vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Safe Ai Malware Protection for WP versions = 1.0.17...

7.5CVSS6.9AI score0.00563EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/06 7:43 p.m.4 views

WordPress Export Import Menus plugin <= 1.9.1 - Missing Authorization to Unauthenticated Menu Export vulnerability

Missing Authorization to Unauthenticated Menu Export vulnerability discovered by BrokenAC ignore in WordPress Plugin Export Import Menus versions = 1.9.1...

5.3CVSS7AI score0.00338EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/21 11:15 a.m.4 views

CVE-2024-11334

The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportarregistros function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data...

5.3CVSS5.8AI score0.00596EPSS
Exploits0References3
OSV
OSV
added 2024/02/09 5:15 a.m.3 views

CVE-2024-1122

The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdata function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated...

5.3CVSS7.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/12/18 8:8 p.m.9 views

CVE-2023-6289 Swift Performance Lite <= 2.3.6.14 - Unauthenticated Configuration Export

The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens...

4.5AI score0.00916EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
added 2023/11/13 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.3CVSS6AI score0.2568EPSS
Exploits1References1
Rows per page
Query Builder