Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.10 views

WordPress WP01 - Speed, Security, SEO consultant plugin <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download vulnerability

WordPress WP01 - Speed, Security, SEO consultant plugin = 2.6.2 - Authenticated Subscriber+ Arbitrary File Download vulnerability discovered by theviper17y in WordPress Plugin WP01 versions = 2.6.2...

6.5CVSS5.5AI score0.00327EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/03/22 12:15 p.m.13 views

CVE-2025-1972

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the adminlogpage function in all versions up to, and including, 2.6.2. This makes it possible for authenticated attackers, with Administrator-level...

6.5CVSS0.00371EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.8 views

PT-2023-23149 · Unknown · Chronosly Events Calendar

Name of the Vulnerable Software and Affected Versions: Chronosly Events Calendar plugin versions = 2.6.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...

8.8CVSS8.8AI score0.00315EPSS
Exploits0References4
OSV
OSV
added 2021/03/02 10:15 p.m.5 views

CVE-2020-12530

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter...

6.1CVSS6.4AI score0.00624EPSS
Exploits0References1
Rows per page
Query Builder