Lucene search
K

79 matches found

NVD
NVD
added 2026/07/06 8:16 a.m.7 views

CVE-2026-12083

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

8.1CVSS0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 6:0 a.m.34 views

CVE-2026-12083 Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

0.00295EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.10 views

CVE-2026-57625

CVE-2026-57625 : Unauthenticated Cross Site Scripting (XSS) vulnerability in WordPress Admin and Site Enhancements (ASE) Pro plugin, versions

9.6CVSS5.8AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.6 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.4 views

EUVD-2026-11951

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.28 views

CVE-2026-32423 WordPress Admin and Site Enhancements (ASE) plugin <= 8.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.10 views

CVE-2026-32423

The CVE-2026-32423 entry concerns the WordPress Admin and Site Enhancements (ASE) plugin, version

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/16 11:31 p.m.4 views

CVE-2021-47808

Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...

5.4CVSS6.3AI score0.00238EPSS
Exploits1References1
NVD
NVD
added 2026/01/16 12:16 a.m.4 views

CVE-2021-47808

Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...

5.4CVSS0.00238EPSS
Exploits1References4
CVE
CVE
added 2026/01/15 11:25 p.m.10 views

CVE-2021-47808

CVE-2021-47808 relates to Cotonti Siena 0.9.19, exposing a stored cross-site scripting (XSS) vulnerability in the admin configuration panel’s site title parameter. The issue allows injection of JavaScript through the ‘maintitle’ field, enabling script execution when administrators view the page. ...

5.4CVSS5.9AI score0.00238EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.3 views

CVE-2022-38281

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/site/list...

7.2CVSS8.1AI score0.00907EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-7318

Name of the Vulnerable Software and Affected Versions Kanboard versions prior to 1.2.50 Description Kanboard is project management software. A Cross-Site Request Forgery CSRF issue exists in the ProjectPermissionController. The application does not strictly enforce the application/json Content-Ty...

5.7CVSS5.4AI score0.00182EPSS
Exploits1References9
GithubExploit
GithubExploit
added 2025/12/29 6:28 p.m.148 views

Exploit for CVE-2025-15495

CVE-2025-15495 - Arbitrary File Upload Leading to Remote Code...

5.8CVSS7.8AI score0.0042EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.8 views

CVE-2025-64255

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS6.9AI score0.00265EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.6 views

CVE-2025-64255

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS0.00265EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:13 p.m.14 views

CVE-2025-64255

Technical details for CVE-2025-64255 are not provided in the supplied documents. No information on affected versions, root cause, exploit scenarios, or fixes. Monitor for updates from official advisories and connected sources.

2.7CVSS6.5AI score0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:13 p.m.3 views

CVE-2025-64255 WordPress Admin and Site Enhancements (ASE) plugin <= 8.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS6.5AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:13 p.m.33 views

CVE-2025-64255 WordPress Admin and Site Enhancements (ASE) plugin <= 8.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.0.8...

2.7CVSS0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2395

Malware in sbrugna...

4.8CVSS5.1AI score0.01932EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9483

Malware in sbrugna...

4.3CVSS5AI score0.00684EPSS
Exploits0References4
Rows per page
Query Builder