CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2025/05/23 2:56 a.m.•2 views

CVE-2023-0725

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajaxclonefolder function. This makes it possible for unauthenticated attackers to invoke this function via...

5.4CVSS4.3AI score0.00094EPSS

Exploits0References1

OSV•added 2023/02/08 2:15 a.m.•2 views

CVE-2023-0725

4.3CVSS6.3AI score0.00094EPSS

Exploits0References3

ATTACKERKB•added 2023/02/08 2:15 a.m.•1 views

CVE-2023-0725

5.4CVSS5.8AI score0.00094EPSS

Exploits0References4

OSV•added 2023/02/08 2:15 a.m.•2 views

CVE-2023-0715

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxclonefolder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke thi...

4.3CVSS6.5AI score

Exploits0References3

ATTACKERKB•added 2023/02/08 2:15 a.m.•2 views

CVE-2023-0715

5.4CVSS5.9AI score0.00155EPSS

Exploits0References4

VulnCheck KEV•added 2023/02/08 12:0 a.m.•1 views

VulnCheck KEV: CVE-2023-0715

5.4CVSS6.5AI score0.00155EPSS

Exploits0References1

CNNVD•added 2023/02/08 12:0 a.m.•2 views

WordPress plugin Wicked Folders 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. The WordPress plugin Wicked Folders suffers...

5.4CVSS6.1AI score0.00094EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by