Lucene search
K

7 matches found

EUVD
EUVD
added 2026/03/21 6:30 a.m.6 views

EUVD-2025-208918

The Invelity Product Feeds plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 1.2.6. This is due to missing validation and sanitization in the 'createManageFeedPage' function. This makes it possible for authenticated...

8.1CVSS5.9AI score0.00173EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.6 views

WordPress plugin Automattic Developer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.5AI score0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58836 WordPress FW Anker Plugin <= 1.2.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Franz Wieser FW Anker fw-anker allows Stored XSS.This issue affects FW Anker: from n/a through = 1.2.6...

6.5CVSS0.00202EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/03 3:19 p.m.5 views

WordPress LTL Freight Quotes - TQL Edition Plugin <= 1.2.6 - PHP Object Injection Vulnerability

WordPress LTL Freight Quotes - TQL Edition Plugin = 1.2.6 - PHP Object Injection Vulnerability discovered by mcdruid in WordPress Plugin LTL Freight Quotes - TQL Edition versions = 1.2.6...

7.2CVSS7AI score0.00354EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-2645 · Unknown · Themeglow Jobboard

Name of the Vulnerable Software and Affected Versions: ThemeGlow JobBoard Job listing versions 1.2.6 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading a...

10CVSS9.5AI score0.00515EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.5 views

PT-2023-32141 · WordPress · Imagemapper

Name of the Vulnerable Software and Affected Versions: ImageMapper plugin for WordPress versions up to, and including, 1.2.6 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'imagemap' shortcode, allowing authenticated...

6.4CVSS6AI score0.00434EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/06/28 11:23 p.m.7 views

ai.deepsense:seahorse-executor-commons_2.11 (>=1.4.2 <=1.4.3), ai.deepsense:seahorse-executor-deeplang_2.11 (>=1.4.2 <=1.4.3) +505 more potentially affected by CVE-2018-18855 via io.spray:spray-json_2.11 (>=1.2.6 <=1.3.4)

io.spray:spray-json2.11 MAVEN version =1.2.6, =1.4.2, =1.4.2, =1.4.2, =1.4.2, =1.4, =1.0, =0.1.3, =0.1.14, =1.0.0, =0.1.0, =0.5.0, =0.11.1, =0.15.2, =0.5.0, =0.0.8, =0.0.12 and more Source cves: CVE-2018-18855 Source advisory: OSV:GHSA-WW3V-6XJF-JV28...

7.1AI score0.00532EPSS
Exploits0
Rows per page
Query Builder