Lucene search
K

1232 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin WP Voting Contest 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.6AI score0.00246EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52143

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

7AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

Campcodes Advanced Voting Management System 授权问题漏洞

CampCodes Advanced Voting Management System is an advanced voting management system from CampCodes Philippines. An authorization issue vulnerability exists in Campcodes Advanced Voting Management System version 1.0, which stems from improper handling of the parameter ID in the file...

6.3CVSS5.6AI score0.00244EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/16 12:26 a.m.5 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.5CVSS7AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2025/12/15 2:15 p.m.5 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.5CVSS6.8AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.4 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.6AI score0.00225EPSS
Exploits0References4
CVE
CVE
added 2025/12/15 12:0 a.m.10 views

CVE-2025-65782

Wekan up to v18.15 is affected by an authorization flaw in card update handling that lets board members or other authenticated users add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vote forgery and unauthorized voting. The issue is fixed in v18.16. Affected compone...

6.5CVSS6.6AI score0.00225EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.6 views

CVE-2025-14129

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00211EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/12 6:33 a.m.9 views

WordPress Like DisLike Voting plugin <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Like DisLike Voting versions = 1.0.1...

6.1CVSS6.1AI score0.00211EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/12 4:15 a.m.26 views

CVE-2025-14129

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.3 views

CVE-2025-14129 Like DisLike Voting <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.3AI score0.00211EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.29 views

CVE-2025-14129 Like DisLike Voting <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin Like DisLike Voting 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50853

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $ SERVER'PHP SELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00211EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/12/10 12:0 a.m.4 views

ByteShield: Adversarially Robust End-To-End Malware Detection through Byte Masking

Research has proven that end-to-end malware detectors are vulnerable to adversarial attacks. In response, the research community has proposed defenses based on randomized and derandomized smoothing. However, these techniques remain susceptible to attacks that insert large adversarial payloads. To...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/24 12:3 p.m.7 views

IACR Nullifies Election Because of Lost Decryption Key

The International Association of Cryptologic Research--the academic cryptography association that's been putting conferences like Crypto back when "crypto" meant "cryptography" and Eurocrypt since the 1980s--had to nullify an online election when trustee Moti Yung lost his decryption key. For thi...

6.8AI score
Exploits0
CNVD
CNVD
added 2025/11/20 12:0 a.m.3 views

Online Voting System /index.php File SQL Injection Vulnerability

Online Voting System is an online voting system. Online Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter id/category in the file /index.php. An attacker can exploit this vulnerability to...

8.8CVSS8.3AI score0.0029EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.3 views

Online Voting System /login.php File SQL Injection Vulnerability

Online Voting System is an online voting system. Online Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Username in the file /login.php. An attacker can exploit this vulnerability to execute...

9.8CVSS8.3AI score0.00363EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.4 views

Online Voting System /index.php File Code Problem Vulnerability

Online Voting System is an online voting system. Online Voting System has a code issue vulnerability that stems from a lack of validation of uploaded files in the page parameter of file /index.php. An attacker can exploit this vulnerability to upload malicious files...

8.8CVSS7.3AI score0.0027EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.3 views

Online Voting System /ajax.ph File SQL Injection Vulnerability

Online Voting System is an online voting system. Online Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /ajax.php. An attacker can exploit this vulnerability to execute illega...

8.8CVSS8.2AI score0.0027EPSS
Exploits1References1
Rows per page
Query Builder