Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.2 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.4AI score0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.6 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS0.00238EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.21 views

CVE-2025-67961

CVE-2025-67961 : SSRF in the WordPress WPO365 plugin’s wpo365-login component (affecting WPO365 v1.x through = 40.0) or apply vendor-provided patch; refer to Patchstack/RedHat/CVE records for the exact patched version. If patch not yet applied in environments, monitor for updates and apply once a...

6.4CVSS5.4AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.18 views

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.1 views

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.9AI score0.00238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.3 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.3AI score0.00238EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.3 views

PT-2026-4041

Name of the Vulnerable Software and Affected Versions Marco van Wieren WPO365 versions n/a through 40.0 Description A Server-Side Request Forgery SSRF vulnerability exists in the wpo365-login component of Marco van Wieren WPO365. This flaw allows for Server Side Request Forgery. Recommendations...

5.3AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2021/11/19 4:15 p.m.4 views

CVE-2021-43409

The “WPO365 | LOGIN” WordPress plugin up to and including version 15.3 by wpo365.com is vulnerable to a persistent Cross-Site Scripting XSS vulnerability also known as Stored or Second-Order XSS. Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data...

6.1CVSS5.8AI score0.00937EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/11/19 12:0 a.m.12 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin WPO365 | LOGIN 15.3 and prior...

9.3CVSS6AI score0.00937EPSS
Exploits2References3
OSV
OSV
added 2020/10/02 5:15 a.m.3 views

CVE-2020-26511

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...

7.5CVSS7.1AI score0.02146EPSS
Exploits0References4
NVD
NVD
added 2020/10/02 5:15 a.m.25 views

CVE-2020-26511

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...

7.5CVSS0.02146EPSS
Exploits0References4
Prion
Prion
added 2020/10/02 5:15 a.m.8 views

Authentication flaw

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...

5CVSS7.6AI score0.02146EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2020/10/02 4:4 a.m.55 views

CVE-2020-26511

The CVE-2020-26511 entry concerns the WordPress plugin wpo365-login prior to v11.7. The issue is that the plugin uses a symmetric algorithm to decrypt a JWT token, enabling authentication bypass. Concrete details from connected sources specify the affected product (WordPress plugin wpo365-login),...

7.5CVSS7.6AI score0.02146EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/10/02 4:4 a.m.27 views

CVE-2020-26511

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...

7.7AI score0.02146EPSS
Exploits0References4
Rows per page
Query Builder