Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2026/03/26 5:1 p.m.9 views

CVE-2026-22480

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

7.2CVSS5.8AI score0.00503EPSS
Exploits0References1
cve
cve
added 2026/01/01 4:19 p.m.20 views

CVE-2025-14428

CVE-2025-14428 affects the WordPress plugin “All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements” up to version 2.3.3. The issue is a missing capability check in the my_sticky_elements_bulks function, allowing authenticated attackers with Su...

4.3CVSS4.7AI score0.00261EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/10/19 3:32 p.m.5 views

CVE-2025-11941 e107 CMS Avatar image.php path traversal

A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...

5.5CVSS5.4AI score0.00853EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/05/23 2:42 a.m.5 views

CVE-2023-41866

Missing Authorization vulnerability in Team Plugins360 Automatic YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic YouTube Gallery: from n/a through 2.3.3...

4.3CVSS8.5AI score0.00548EPSS
Exploits0References1
patchstack
patchstack
added 2024/12/12 10:39 p.m.6 views

WordPress SuperBackup plugin <= 2.3.3 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Tonn in WordPress Plugin WP SuperBackup versions = 2.3.3...

9.8CVSS7AI score0.03549EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder