Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/06/16 9:5 a.m.30 views

CVE-2026-40809 WordPress Metro Magazine theme <= 1.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.4.1...

6.5CVSS0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43545

The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the downgrade jquery version function in all versions up to, and including, 1.4.1. This is due to the function only verifying a nonce without checking user...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/04/08 12:21 p.m.6 views

WordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Playroom versions = 1.4.1...

5.8AI score0.00205EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.7 views

PT-2026-21580

Name of the Vulnerable Software and Affected Versions free5gc UDM versions up to and including 1.4.1 Description free5gc UDM provides Unified Data Management for free5GC, an open-source 5G mobile core network project. A flaw exists where attackers can inject control characters, such as %00, into...

8.7CVSS5.2AI score0.00462EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.4 views

ZimaOS 安全漏洞

ZimaOS is an open source operating system project from IceWhaleTech designed to provide a lightweight, high-performance, secure operating system environment. A security vulnerability exists in ZimaOS 1.4.1 and earlier versions that originates in the /v21/files/file/download endpoint that allows...

6.2CVSS6.4AI score0.00191EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.5 views

PT-2024-25567 · Unknown · Kailey Lampert Mini Loops

Name of the Vulnerable Software and Affected Versions: Kailey Lampert Mini Loops versions 1.4.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

6.5CVSS6.3AI score0.00312EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.5 views

Irontec Sngrep 安全漏洞

Irontec Sngrep is a tool from Irontec for displaying SIP call message streams from endpoints. A security vulnerability exists in Irontec Sngrep versions v1.4.1 through v1.8.1, which stems from copying Content-Length and Warning headers into the sipvalidatepacket and sipparseextraheaders functions...

9.8CVSS9.2AI score0.01838EPSS
Exploits0References5
Rows per page
Query Builder