Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49523

Subscriber SQL Injection in WCMultiShipping = 3.0.2 versions...

8.5CVSS5.7AI score0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7249

The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the splwupdateblockoptions and lwpcleanweathertransients functions in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with...

4.3CVSS5.5AI score0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 7:7 p.m.7 views

WordPress Task Manager plugin <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Read vulnerability

Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by theviper17y in WordPress Plugin Task Manager versions = 3.0.2...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/20 8:4 a.m.8 views

WordPress Aruba HiSpeed Cache plugin <= 3.0.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.2...

6.1CVSS5.5AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:52 a.m.5 views

WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id, oxi_addons_f_title_tag, and content_description_tag Parameters vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id, oxiaddonsftitletag, and contentdescriptiontag Parameters vulnerability discovered by stealthcopter in WordPress Plugin Image Hover Effects - Caption Hover with Carousel versions = 3.0.2...

6.4CVSS5.3AI score0.00321EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/01/23 3:16 p.m.3 views

CVE-2026-24571

Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through = 3.0.2...

4.3CVSS0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:32 a.m.5 views

CVE-2023-25056

Cross-Site Request Forgery CSRF vulnerability in SlickRemix Feed Them Social plugin = 3.0.2 versions...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.8 views

WordPress Age Restriction plugin <= 3.0.2 - Subscriber+ Privilege Escalation vulnerability

Subscriber+ Privilege Escalation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Premium Age Verification / Restriction for WordPress versions = 3.0.2...

7.5CVSS5.5AI score0.00196EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.3 views

CVE-2025-62090

Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons:...

6.5CVSS7AI score0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 3:54 p.m.5 views

CVE-2025-54721 WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through = 3.0.2...

7.1CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:55 a.m.24 views

CVE-2025-30893 WordPress LeadConnector plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LeadConnector LeadConnector leadconnector allows DOM-Based XSS.This issue affects LeadConnector: from n/a through = 3.0.2...

6.5CVSS0.00271EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/09 7:25 a.m.5 views

WordPress Cliengo - Chatbot plugin <= 3.0.2 - Missing Authorization to Authorized (Subscriber+) Chatbot Settings Update vulnerability

WordPress Cliengo - Chatbot plugin = 3.0.2 - Missing Authorization to Authorized Subscriber+ Chatbot Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Cliengo – Chatbot versions = 3.0.2...

5.4CVSS7AI score0.00465EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/06 12:0 a.m.4 views

WordPress plugin Image Hover Effects with Carousel security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.8AI score0.00237EPSS
Exploits0References2
Rows per page
Query Builder