Lucene search
K

5 matches found

NVD
NVD
added 2026/06/20 9:16 a.m.16 views

CVE-2026-11911

The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFLDeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server,...

7.5CVSS0.0078EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/20 8:29 a.m.9 views

CVE-2026-11911

The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFLDeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server,...

7.5CVSS6.7AI score0.0078EPSS
Exploits0References7
NVD
NVD
added 2026/06/06 2:16 a.m.12 views

CVE-2026-9281

The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jtlmacustomjs' Page Setting Custom JS Extension in all versions up to, and including, 3.1.0 due to insufficient input...

6.4CVSS0.00214EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.6 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. There is an access control vulnerability in the Joomla! CMS. This vulnerability arises from the fact that the ajax component in the administration area is excluded from the default login user checks, whi...

7.3CVSS5.8AI score0.00249EPSS
Exploits0References1
OSV
OSV
added 2020/03/16 6:15 p.m.4 views

CVE-2020-7916

beteacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpressbeteacher URI without any additional permission checks. Therefore, any user can change its...

6.5CVSS6.6AI score0.01116EPSS
Exploits0References1
Rows per page
Query Builder