CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

RedhatCVE•added 2026/01/29 3:18 p.m.•5 views

CVE-2026-1060

The WP Adminify plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.7.7 via the /wp-json/adminify/v1/get-addons-list REST API endpoint. The endpoint is registered with permissioncallback set to returntrue, allowing unauthenticated attacke...

5.3CVSS5.9AI score0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/28 2:25 p.m.•4 views

CVE-2026-1060 WP Adminify <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API

5.3CVSS5.9AI score0.00064EPSS

Exploits0References3

RedhatCVE•added 2025/12/25 1:23 p.m.•2 views

CVE-2025-68593

Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Adminify: from n/a through = 4.0.6.1...

5.4CVSS7AI score0.00051EPSS

Exploits0References1

EUVD•added 2025/12/24 3:30 p.m.•1 views

EUVD-2025-205243

8.8CVSS6.5AI score0.00034EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-53951

Malicious code in bioql PyPI...

4.8CVSS5.9AI score0.00268EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-48625

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.00069EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-56806

Malicious code in bioql PyPI...

7.6CVSS7.7AI score0.00139EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:38 a.m.•8 views

CVE-2023-44266

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jewel Theme WP Adminify plugin = 3.1.6 versions...

5.9CVSS5.6AI score0.00069EPSS

Exploits0

NVD•added 2024/10/24 12:15 p.m.•12 views

CVE-2024-8959

The WP Adminify – Custom WordPress Dashboard, Login and Admin Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00332EPSS

Exploits0References4

CVE•added 2024/10/24 11:34 a.m.•37 views

CVE-2024-8959

CVE-2024-8959 - WP Adminify (WordPress Plugin) Affected: WP Adminify – Custom WordPress Dashboard, Login and Admin Customizer (versions

6.4CVSS5.9AI score0.00332EPSS

Exploits0References4

Patchstack•added 2024/10/24 12:0 a.m.•10 views

WordPress WP Adminify Plugin <= 4.0.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Adminify Type Plugin Vulnerable versions = 4.0.1.6 Fixed in 4.0.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8959 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a2bca67b8648 Credits Francesco Carlucci...

6.4CVSS5.7AI score0.00332EPSS

Exploits0References3Affected Software1

WPVulnDB•added 2024/01/05 12:0 a.m.•20 views

WP Adminify < 3.1.7 - Authenticated(Administrator+) SQL Injection

Description The WP Adminify plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in all versions up to 3.1.7 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.6CVSS7.5AI score0.00139EPSS

Exploits0References1Affected Software1

NVD•added 2023/12/31 6:15 p.m.•8 views

CVE-2023-52132

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify: from n/a through 3.1.6...

7.6CVSS0.00139EPSS

Exploits0References1

Prion•added 2023/12/31 6:15 p.m.•13 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify: from n/a through 3.1.6...

5.8CVSS7.9AI score0.00139EPSS

Exploits0References1Affected Software1

CVE•added 2023/12/31 5:35 p.m.•53 views

CVE-2023-52132

CVE-2023-52132 affects WP Adminify for WordPress. Affected: WP Adminify

7.6CVSS7.8AI score0.00139EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/12/31 5:35 p.m.•14 views

CVE-2023-52132 WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify: from n/a through 3.1.6...

7.6CVSS8.1AI score0.00139EPSS

Exploits0References1

CNNVD•added 2023/12/31 12:0 a.m.•1 views

WordPress Plugin WP Adminify SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP Adminif...

7.6CVSS7.7AI score0.00139EPSS

Exploits0References2

NVD•added 2023/10/02 11:15 a.m.•13 views

CVE-2023-44266

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jewel Theme WP Adminify plugin = 3.1.6 versions...

5.9CVSS5.4AI score0.00069EPSS

Exploits0References1

Positive Technologies•added 2023/10/02 12:0 a.m.•1 views

PT-2023-29179 · WordPress · Jewel Theme Wp Adminify

Name of the Vulnerable Software and Affected Versions: Jewel Theme WP Adminify plugin versions 3.1.6 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. There is no information provided about the...

5.9CVSS5.4AI score0.00069EPSS

Exploits0References5

CNNVD•added 2023/10/02 12:0 a.m.•1 views

WordPress Plugin WP Adminify Cross-Site Scripting Vulnerability

5.9CVSS6AI score0.00069EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by