Lucene search
K

33 matches found

EUVD
EUVD
added 2026/05/07 12:31 p.m.16 views

EUVD-2026-28343

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/07 10:20 a.m.9 views

CVE-2026-27415 WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/07 10:19 a.m.16 views

WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by benzdeus in WordPress Plugin BEAR versions = 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/04/08 11:16 a.m.23 views

CVE-2026-1672 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the wooberedrawtablerow function. This makes it possibl...

6.5CVSS0.00176EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.24 views

CVE-2026-39663 WordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through = 1.1.5...

5.3CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.7 views

CVE-2026-39663

Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through = 1.1.5...

5.9AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2026/03/21 4:17 a.m.5 views

CVE-2026-3354

The Wikilookup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Popup Width' setting in all versions up to, and including, 1.1.5. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.5 views

CVE-2026-25336

Missing Authorization vulnerability in wpcoachify Coachify coachify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coachify: from n/a through = 1.1.5...

5.3CVSS5.5AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.3 views

CVE-2026-25337

Cross-Site Request Forgery CSRF vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through = 1.1.5...

5.4CVSS0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.9 views

CVE-2026-25337

The CVE-2026-25337 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Coachify theme (wpcoachify/Coachify) affecting versions up to and including 1.1.5. The issue is identified across multiple sources (NVD, Red Hat, CVE List, PatchStack, AttackERKB, VulnEnrichment)...

5.4CVSS5.4AI score0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-25337 WordPress Coachify theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through = 1.1.5...

5.4CVSS5.5AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.8 views

CVE-2026-25336

CVE-2026-25336 affects the WordPress Coachify theme (versions

5.3CVSS5.4AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-68030

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

7.2CVSS5.4AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.3 views

CVE-2025-68030

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

7.2CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.3 views

CVE-2025-67963 WordPress Movie Booking plugin <= 1.1.5 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal.This issue affects Movie Booking: from n/a through = 1.1.5...

5.9AI score0.00552EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/20 11:44 a.m.4 views

WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Frontis Blocks versions = 1.1.5...

7.2CVSS5.4AI score0.00248EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/01 4:27 p.m.4 views

CVE-2025-62132

Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite tasty-recipes-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through = 1.1.5...

4.3CVSS5.9AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 4:3 p.m.3 views

CVE-2025-62132 WordPress Tasty Recipes Lite plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite tasty-recipes-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through = 1.1.5...

4.3CVSS5.1AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 3:35 p.m.2 views

CVE-2025-49338 WordPress Flowbox plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Flowbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flowbox: from n/a through 1.1.5...

5.3CVSS6.6AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:13 a.m.2 views

CVE-2025-68088 WordPress Huger for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Huger for Elementor: from n/a through = 1.1.5...

6.6AI score0.00138EPSS
Exploits0References1
Rows per page
Query Builder