Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2025/11/01 12:0 a.m.4 views

PT-2025-44706

Name of the Vulnerable Software and Affected Versions Schema Scalpel versions prior to 1.6.2 Description The Schema Scalpel plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping when handling user-supplied data in the...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-cf3fbd8fcf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.00313EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.5 views

PT-2022-22771 · WordPress · Role Based Pricing For Woocommerce

Name of the Vulnerable Software and Affected Versions: Role Based Pricing for WooCommerce WordPress plugin versions prior to 1.6.2 Description: The issue allows any authenticated users, such as subscribers, to upload arbitrary files, including PHP, due to the lack of authorization, proper CSRF...

8.8CVSS8.6AI score0.00498EPSS
Exploits2References6
Patchstack
Patchstack
added 2020/10/22 12:0 a.m.11 views

WordPress Advanced Booking Calendar plugin <= 1.6.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability found by Lenon Leite in WordPress Advanced Booking Calendar plugin versions = 1.6.1. Solution Update the WordPress Advanced Booking Calendar plugin to the latest available version at least 1.6.2...

3.2AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/07/29 12:0 a.m.8 views

PT-2019-13431 · Vsourz Digital · Vsourz Digital Advanced Cf7 Db Plugin

Name of the Vulnerable Software and Affected Versions: Vsourz Digital Advanced CF7 DB plugin versions prior to 1.6.2 Description: A SQL injection issue exists, allowing a remote attacker to execute arbitrary SQL commands on the affected system. Recommendations: For Vsourz Digital Advanced CF7 DB...

9.8CVSS10AI score0.03995EPSS
Exploits1References8
Rows per page
Query Builder