Lucene search
K

35 matches found

EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20392

Server-Side Request Forgery SSRF vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through = 1.4.0...

5.9AI score0.00138EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39616

Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Attachments: from n/a through = 1.4.0...

5.3CVSS0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31257

Name of the Vulnerable Software and Affected Versions Podigee versions through 1.4.0 Description A Server-Side Request Forgery SSRF vulnerability exists in Podigee. This allows for Server Side Request Forgery. Recommendations Update Podigee to a version later than 1.4.0...

5.8AI score0.00138EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.5 views

CVE-2026-28074

Deserialization of Untrusted Data vulnerability in ThemeREX Pizza House pizzahouse allows Object Injection.This issue affects Pizza House: from n/a through = 1.4.0...

5.9AI score0.00375EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23352

Deserialization of Untrusted Data vulnerability in ThemeREX Pizza House pizzahouse allows Object Injection.This issue affects Pizza House: from n/a through = 1.4.0...

5.9AI score0.00375EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/02 6:16 a.m.6 views

CVE-2025-15597

A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.1AI score0.0055EPSS
Exploits1References16Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.5 views

CVE-2026-25392

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old links and replace them wi...

4.7CVSS5.2AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.4 views

CVE-2026-24567

Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through = 1.4.0...

4.3CVSS5.4AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.9 views

CVE-2026-24567

CVE-2026-24567 describes a Missing Authorization / Broken Access Control in WordPress plugin “Anything Order by Terms” by briarinc, affecting versions up to and including 1.4.0. Connected sources confirm the flaw is an authorization issue in the anything-order-by-terms component, with patches rec...

4.3CVSS5.4AI score0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.1 views

CVE-2026-24567

Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through = 1.4.0...

4.3CVSS5.9AI score0.00235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.4 views

CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

8.8CVSS6.6AI score0.00307EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52057

Name of the Vulnerable Software and Affected Versions e-plugins Hotel Listing versions through 1.4.0 Description An incorrect privilege assignment exists in the Hotel Listing plugin, potentially allowing privilege escalation. The issue is present in the hotel-listing component. Recommendations...

8.6CVSS6.7AI score0.00307EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-62734

Cross-Site Request Forgery CSRF vulnerability in M.Code Media Library Downloader media-library-downloader allows Cross Site Request Forgery.This issue affects Media Library Downloader: from n/a through = 1.4.0...

4.3CVSS5.9AI score0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.1 views

CVE-2025-62734 WordPress Media Library Downloader plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in M.Code Media Library Downloader media-library-downloader allows Cross Site Request Forgery.This issue affects Media Library Downloader: from n/a through = 1.4.0...

4.3CVSS5.1AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-50003

Cross-Site Request Forgery CSRF vulnerability in Michael Revellin-Clerc Media Library Downloader media-library-downloader allows Cross Site Request Forgery.This issue affects Media Library Downloader: from n/a through = 1.4.0...

6.9AI score0.00107EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:15 p.m.2 views

CVE-2025-48096

Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through = 1.4.0...

6.5CVSS0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.2 views

CVE-2025-49961 WordPress Breeze Checkout plugin <= 1.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Breeze Team Breeze Checkout breeze-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze Checkout: from n/a through = 1.4.0...

6.5CVSS6.6AI score0.00281EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.9 views

CVE-2025-48096 WordPress Custom CSS plugin <= 1.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through = 1.4.0...

6.5CVSS0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.2 views

CVE-2025-48096 WordPress Custom CSS plugin <= 1.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through = 1.4.0...

6.5CVSS6.6AI score0.00273EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/16 12:32 a.m.12 views

WordPress WP jQuery Pager plugin <= 1.4.0 - Authenticated (Contributor+) SQL Injection via Shortcode vulnerability

Authenticated Contributor+ SQL Injection via Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WP jQuery Pager versions = 1.4.0...

6.5CVSS8AI score0.00252EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder