Lucene search
+L

9 matches found

CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-27073

CVE-2026-27073 is a WordPress plugin issue affecting Addi – Cuotas que se adaptan a ti, 2.0.4. The available connected sources do not provide explicit exploit details or in-the-wild activity beyond the vulnerability description and fixes. If you use this plugin, prioritize upgrading to a non-vul...

7.5CVSS5.2AI score0.00238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.5 views

CVE-2025-66135

Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through = 2.0.4...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/11/21 1:15 p.m.10 views

CVE-2025-66112

Missing Authorization vulnerability in WebToffee Accessibility Toolkit by WebYes accessibility-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Toolkit by WebYes: from n/a through = 2.0.4...

4.3CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 2:15 p.m.11 views

CVE-2025-22513

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kyle Phillips Simple Locator simple-locator allows Reflected XSS.This issue affects Simple Locator: from n/a through = 2.0.4...

7.1CVSS0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/25 12:0 a.m.7 views

PT-2025-3845 · WordPress · Divi Carousel Maker

Name of the Vulnerable Software and Affected Versions: Divi Carousel Maker plugin for WordPress versions up to, and including, 2.0.4 Description: The Divi Carousel Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all...

6.4CVSS5.9AI score0.00338EPSS
Exploits0References12
Patchstack
Patchstack
added 2024/10/30 10:43 a.m.4 views

WordPress Helloprint plugin <= 2.0.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Helloprint versions = 2.0.4...

10CVSS7AI score0.00501EPSS
Exploits0Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/10/15 12:0 a.m.2 views

VulnCheck KEV: CVE-2019-25214

The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST API routes in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to call the endpoints and perform unauthorized actions such as...

7.2CVSS5.8AI score0.00325EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/12 2:34 p.m.5 views

WordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Woo Products Widgets For Elementor versions = 2.0.4...

8.5CVSS7AI score0.00552EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/11 10:11 a.m.5 views

WordPress Academy LMS plugin <= 2.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by filime Patchstack Alliance in WordPress Plugin Academy LMS versions = 2.0.4...

8.8CVSS7AI score0.00372EPSS
Exploits0Affected Software1
Rows per page
Query Builder