Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/01/22 4:52 p.m.18 views

CVE-2026-22458 WordPress Wanderland theme <= 1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through = 1.5...

4.3CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 2025/12/29 3:58 p.m.17 views

CVE-2025-68879

CVE-2025-68879 is a Reflected XSS in Content Grid Slider for WordPress. The issue is caused by improper neutralization of input during web page generation, affecting Content Grid Slider versions up to 1.5. Public exploitation status is not detailed in the provided documents. The connected Wordfen...

7.1CVSS5.9AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 4:41 p.m.19 views

CVE-2023-22675 WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: from n/a through 1.5...

4.3CVSS0.00107EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 7:35 p.m.3 views

WordPress WP System Information Plugin <= 1.5 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Nabil Irawan in WordPress Plugin WP System Information versions = 1.5...

4.3CVSS6.6AI score0.00275EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.7 views

CVE-2025-7955

The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...

9.8CVSS6.2AI score0.00666EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:45 a.m.3 views

CVE-2023-30149

SQL injection vulnerability in the City Autocomplete cityautocomplete module from ebewe.net for PrestaShop, prior to version 1.8.12 for PrestaShop version 1.5/1.6 or prior to 2.0.3 for PrestaShop version 1.7, allows remote attackers to execute arbitrary SQL commands via the type, inputname. or q...

9.8CVSS8.7AI score0.18354EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.7 views

PT-2025-2182 · WordPress · Testimonial Slider

Name of the Vulnerable Software and Affected Versions: WE – Testimonial Slider plugin for WordPress versions 1.5 and earlier Description: The issue is related to Stored Cross-Site Scripting via Testimonial Author Names due to insufficient input sanitization and output escaping. This allows...

6.4CVSS8AI score0.00212EPSS
Exploits0References6
CNVD
CNVD
added 2016/12/17 12:0 a.m.5 views

XenForo Remote Code Execution Vulnerability

XenForo is a community forum software with a fresh interface and a powerful engine. A remote code execution vulnerability exists in XenForo versions between 1.5.x and 1.5.11a, which can be exploited by an attacker to execute arbitrary code by constructing a specific HTTP request...

8.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2013/02/08 12:0 a.m.5 views

PT-2013-2197

Name of the Vulnerable Software and Affected Versions Rack versions 1.4.x through 1.4.4 Rack versions 1.5.x through 1.5.1 Description The issue allows attackers to access arbitrary files outside the intended root directory via a crafted PATH INFO environment variable, probably a directory travers...

10CVSS7AI score0.35376EPSS
Exploits4References53
Rows per page
Query Builder