Lucene search
K

5 matches found

NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-42661

Custom role Path Traversal in WP Customer Area = 8.3.4 versions...

8.8CVSS0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.7 views

EUVD-2026-36826

Custom role Path Traversal in WP Customer Area = 8.3.4 versions...

8.8CVSS5.2AI score0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/17 4:26 p.m.10 views

CVE-2026-3464 WP Customer Area <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Read/Deletion via ajax_attach_file

The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the 'ajaxattachfile' function in all versions up to, and including, 8.3.4. This makes it possible for authenticated attackers with a role that an administrator...

8.8CVSS6.6AI score0.00968EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.6 views

PT-2025-45274

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through = 8.2.7...

7.5CVSS7.1AI score0.0042EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.4 views

WordPress plugin WP Customer Area 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.2AI score0.00212EPSS
Exploits1References1
Rows per page
Query Builder