Lucene search
K

5 matches found

OSV
OSV
added 2026/06/18 9:49 a.m.4 views

BIT-MASTODON-2026-47777 Mastodon has a consent-check bypass in its remote Collections

Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection could lead to attackers bypassing the check and faking consent. An attacker could forge the...

7.5CVSS5.5AI score0.00167EPSS
Exploits0References3
OSV
OSV
added 2025/08/06 9:22 a.m.6 views

CVE-2025-8620 GiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data Exposure

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id. CVE-2025-47444 is a duplicate of this...

5.3CVSS5.9AI score0.00536EPSS
Exploits0References6
OSV
OSV
added 2021/02/09 3:15 p.m.3 views

CVE-2020-27259

The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code...

8.8CVSS7.5AI score0.02669EPSS
Exploits0References2
CNVD
CNVD
added 2020/03/09 12:0 a.m.7 views

WordPress RegistrationMagic Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A cross-site request forgery vulnerability exists in WordPress...

8.8CVSS6.7AI score0.0109EPSS
Exploits1References1
CNVD
CNVD
added 2017/08/02 12:0 a.m.2 views

Arbitrary File Download Vulnerability in MS-MCMS Frontend of MDFMS Platform

MS-MCMS is a web management system using pure java development. A java + spring + mybatis web site building system developed by Mingfei Technology Co. MS-MCMS v4.6.0 version of the MS platform exists arbitrary file download vulnerability in the foreground , due to the system failed to...

6.9AI score
Exploits0
Rows per page
Query Builder