Lucene search
K

14 matches found

NVD
NVD
added 2026/06/25 2:16 p.m.7 views

CVE-2026-54845

Unauthenticated Local File Inclusion in MDTF = 1.3.8 versions...

8.1CVSS0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.6 views

CVE-2026-54845

Unauthenticated Local File Inclusion in MDTF = 1.3.8 versions...

8.1CVSS5.8AI score0.00274EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

WordPress plugin Hostinger Reach 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00378EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.13 views

CVE-2026-25009

CVE-2026-25009 is a Missing Authorization vulnerability in Education Zone WordPress Theme. Affected software: Education Zone versions up to and including 1.3.8 (no details on earlier/other variants provided). Root cause: insufficient access control configuration allowing unauthorized actions on p...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.1 views

CVE-2026-32436

Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Photography: from n/a through = 1.3.8...

5.8AI score0.00243EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.6 views

CVE-2025-53454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Stored XSS.This issue affects Ultimate WP Mail: from n/a through = 1.3.8...

6.5CVSS5.9AI score0.00258EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/11 10:30 p.m.8 views

WordPress Enhanced BibliPlug plugin <= 1.3.8 - Authenticated (Contirbutor+) Stored Cross-Site Scripting vulnerability

Authenticated Contirbutor+ Stored Cross-Site Scripting vulnerability discovered by Gilang in WordPress Plugin Enhanced BibliPlug versions = 1.3.8...

6.4CVSS5.5AI score0.0018EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/09/11 7:25 a.m.22 views

CVE-2025-9855

CVE-2025-9855 : The Enhanced BibliPlug WordPress plugin is vulnerable to Stored Cross-Site Scripting in all versions up to and including 1.3.8 due to insufficient input sanitization and output escaping of user-supplied attributes in the shortcode bibliplug_authors. Exploitation requires authentic...

6.4CVSS4.7AI score0.0018EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/09/09 5:8 p.m.6 views

WordPress Pixeline's Email Protector Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Pixelines Email Protector versions = 1.3.8...

5.9CVSS6.1AI score0.00165EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/11 11:5 a.m.5 views

WordPress Diza theme <= 1.3.8 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Diza versions = 1.3.8...

8.1CVSS7AI score0.00496EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/30 4:29 p.m.3 views

WordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AyeCode Connect versions = 1.3.8...

4.3CVSS7AI score0.00281EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.7 views

PT-2024-27334 · WordPress · Elementor Forms Plugin +2

Name of the Vulnerable Software and Affected Versions: The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress versions up to, and including, 1.3.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping...

7.2CVSS6.2AI score0.00636EPSS
Exploits0References4
OSV
OSV
added 2023/11/09 10:15 p.m.3 views

CVE-2023-32587

Cross-Site Request Forgery CSRF vulnerability in WP Reactions, LLC WP Reactions Lite plugin = 1.3.8 versions...

8.8CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2022/04/11 8:15 p.m.3 views

CVE-2022-25615

Cross-Site Request Forgery CSRF in StylemixThemes eRoom – Zoom Meetings & Webinar WordPress plugin = 1.3.8 allows cache deletion...

4.3CVSS5.8AI score0.00432EPSS
Exploits0References2
Rows per page
Query Builder