Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/25 11:26 p.m.4 views

CVE-2026-4758

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/08 4:24 p.m.8 views

CVE-2026-22490 WordPress Bulk Landing Page Creator for WordPress LPagery plugin <= 2.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in niklaslindemann Bulk Landing Page Creator for WordPress LPagery lpagery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Landing Page Creator for WordPress LPagery: from n/a through = 2.4.9...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.3 views

PT-2025-48681

Name of the Vulnerable Software and Affected Versions Argus Technology Inc. BILGER versions prior to 2.4.9 Description A flaw exists in Argus Technology Inc. BILGER that allows for the insertion of sensitive information into sent data through the manipulation of message identifiers. The issue...

7.5CVSS5.4AI score0.00268EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/30 12:0 a.m.4 views

PT-2025-35344

Name of the Vulnerable Software and Affected Versions: Ocean Extra plugin for WordPress versions through 2.4.9 Description: The Ocean Extra plugin for WordPress is susceptible to Stored Cross-Site Scripting via the oceanwp library shortcode due to insufficient input sanitization and output escapi...

6.4CVSS5.1AI score0.00232EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/11/11 9:5 a.m.7 views

WordPress Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation plugin <= 2.4.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation versions = 2.4.9...

9.9CVSS7AI score0.00478EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2019/02/18 4:58 p.m.4 views

httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications

It has been discovered that the modsession module of Apache HTTP Server httpd, through version 2.4.29, has an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a "Session" header...

5.3CVSS7.2AI score0.10118EPSS
Exploits0References4
Rows per page
Query Builder