Lucene search
+L

5 matches found

Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.4 views

PT-2025-43793

Missing Authorization vulnerability in adivaha® Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & Hotels Booking WP Plugin: from n/a through = 3.1...

8.8CVSS7AI score0.00236EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/16 8:33 a.m.3 views

CVE-2025-10303

The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7librarymanagementajaxhandler function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with...

4.3CVSS5.1AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:54 p.m.47 views

CVE-2025-30627

CVE-2025-30627 describes a Stored XSS in Elegant Visitor Counter (WordPress plugin) due to improper input neutralization during web page generation. Affected software: Elegant Visitor Counter up to version 3.1. Root cause: inadequate sanitization of input leading to script injection in pages gene...

5.9CVSS5.9AI score0.00225EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/11 9:41 p.m.7 views

WordPress ZipList Recipe plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin ZipList Recipe versions = 3.1...

8.8CVSS9.1AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/20 11:37 p.m.4 views

WordPress Ziggeo plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Ziggeo versions = 3.1...

6.4CVSS5.7AI score0.00272EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder