Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.5 views

PT-2026-26965

The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the isDashboardOrProfileRequest method in the Menu Editor module using an insecure strpos check against $ SERVER'REQUEST URI' t...

8.8CVSS5.9AI score0.00286EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/08/19 11:36 p.m.7 views

WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability

Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Redirection for Contact Form 7 versions = 3.2.4...

7.5CVSS7.2AI score0.00367EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/09/17 12:0 a.m.3 views

WordPress plugin Houzez 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS8.7AI score0.00444EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.9 views

PT-2024-1831 · Vitalpbx · Vitalpbx

Name of the Vulnerable Software and Affected Versions: VitalPBX versions 3.2.4 through 3.2.5 Description: The issue is related to insufficient protection of service data when processing a script from the /var/lib/vitalpbx directory, allowing an attacker to execute arbitrary code via a crafted...

7.2CVSS7.6AI score0.01024EPSS
Exploits1References9
vulnersOsv
vulnersOsv
added 2021/01/29 11:21 a.m.5 views

@pl-test/c (>=1.1.0 <=1.1.1), @pl-test/e (=1.1.0) +6 more potentially affected by CVE-2020-28494 via total.js (>=3.2.4 <=3.4.13)

total.js NPM version =3.2.4, =1.1.0, =0.3.0, =4.0.0, =1.0.0, =0.0.1, =0.0.4 Source cves: CVE-2020-28494 Source advisory: SNYK:JS-TOTALJS-1046672...

8.6CVSS7.2AI score0.01702EPSS
Exploits1
Rows per page
Query Builder