Lucene search
+L

7 matches found

ptsecurity
ptsecurity
added 2026/02/20 12:0 a.m.6 views

PT-2026-21160

Name of the Vulnerable Software and Affected Versions vanquish Upload Files Anywhere versions prior to and including 2.8 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, specifically a 'Path Traversal' issue. This impacts the Upload...

5.3AI score0.00371EPSS
Exploits0References3
patchstack
patchstack
added 2026/01/24 4:42 p.m.7 views

WordPress Wired Impact Volunteer Management plugin <= 2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by hhhai in WordPress Plugin Wired Impact Volunteer Management versions = 2.8...

5.3CVSS5.3AI score0.00176EPSS
Exploits0Affected Software1
cve
cve
added 2025/12/16 8:12 a.m.10 views

CVE-2025-49300

CVE-2025-49300 affects WordPress plugin Traveler Option Tree (shinetheme) up to version 2.8. The vulnerability arises from insertion of sensitive information into data that is sent, enabling retrieval of embedded sensitive data from the custom-option-tree component. Affected versions are through ...

2.7CVSS6.5AI score0.00239EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/10/24 2:33 p.m.6 views

CVE-2025-60234

Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...

8.8CVSS7AI score0.00486EPSS
Exploits0References1
nvd
nvd
added 2025/10/22 3:16 p.m.16 views

CVE-2025-60234

Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...

8.8CVSS0.00486EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/11/01 12:0 a.m.4 views

PT-2024-16432 · Idexpert · Idexpert

Name of the Vulnerable Software and Affected Versions: IDExpert versions up to 2.8 Description: The issue concerns a lack of validation in the administrator interface of IDExpert, allowing remote attackers with administrative privileges to inject and execute OS commands on the server. This can be...

7.2CVSS8.2AI score0.00563EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2024/10/16 12:0 a.m.4 views

PT-2024-10573

Name of the Vulnerable Software and Affected Versions Kento Post View Counter plugin for WordPress versions up to, and including, 2.8 Description The issue allows unauthenticated attackers to perform SQL Injection via the kento pvc geo parameter due to insufficient escaping on the user-supplied...

9.8CVSS7.1AI score0.0053EPSS
Exploits0References6
Rows per page
Query Builder