Lucene search
K

23 matches found

Cvelist
Cvelist
added 2026/05/29 5:32 a.m.41 views

CVE-2025-11993 WooCommerce Infinite Scroll and Ajax Pagination <= 1.8 - Authenticated (Subscriber+) PHP Object Injection

The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8 via the 'settings' parameter in the 'importsettings' function. This is due to deserialization of untrusted data supplied via the import...

8.8CVSS0.00378EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-38157

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:5 a.m.8 views

CVE-2023-34033

Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...

8.8CVSS8.5AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2023/11/09 8:15 p.m.24 views

CVE-2023-34033

Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...

8.8CVSS0.00312EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/09 8:15 p.m.4 views

CVE-2023-34033

A vulnerability in craigramsay Ajax Pagination and Infinite Scroll malinky-ajax-pagination.This issue affects Ajax Pagination and Infinite Scroll: from n/a through = 2.0.1...

8.8CVSS8.5AI score0.00312EPSS
Exploits0References3
Prion
Prion
added 2023/11/09 8:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...

6.8CVSS7.3AI score0.00312EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/09 7:31 p.m.47 views

CVE-2023-34033

CVE-2023-34033 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Malinky Ajax Pagination and Infinite Scroll , affecting versions ≤ 2.0.1. Public sources confirm the issue as CSRF with no patch available, and recommend upgrading to a version newer than 2.0.1 as the reme...

8.8CVSS8.9AI score0.00312EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.6 views

PT-2023-24649 · WordPress · Malinky Ajax Pagination/Infinite Scroll

Name of the Vulnerable Software and Affected Versions: Malinky Ajax Pagination and Infinite Scroll plugin versions = 2.0.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application tha...

8.8CVSS8.8AI score0.00312EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/09 12:0 a.m.9 views

WordPress Plugin malinky-ajax-pagination Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS6.6AI score0.00312EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/30 12:0 a.m.13 views

WordPress Ajax Pagination and Infinite Scroll Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ajax Pagination and Infinite Scroll Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-34033 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 411a2149f500 Credits...

8.8CVSS7AI score0.00312EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/03/21 12:0 a.m.4 views

WordPress Ajax Pagination (twitter Style) plugin path traversal vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers set up a personal blog site . Ajax Pagination twitter Style plugin is used in one of the paging plugin . A path traversal vulnerability exist...

7.5CVSS6.7AI score0.15675EPSS
Exploits1References1
NVD
NVD
added 2018/03/19 9:29 p.m.16 views

CVE-2014-2674

Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...

7.5CVSS7.5AI score0.15675EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/03/19 9:0 p.m.20 views

CVE-2014-2674

Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...

7.5AI score0.15675EPSS
Exploits1References1
CVE
CVE
added 2018/03/19 9:0 p.m.43 views

CVE-2014-2674

CVE-2014-2674 affects the WordPress Ajax Pagination (twitter Style) plugin, version 1.1. A path traversal/local file inclusion vulnerability exists in the plugin’s ajax_navigation action, allowing remote attackers to read arbitrary files by injecting ".." into the loop parameter sent to wp-admin/...

7.5CVSS7.5AI score0.15675EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.16 views

Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion

Plugin is still affected and has been closed...

5CVSS2AI score0.15675EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion

No description provided by source...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.24 views

Ajax Pagination (twitter Style) Plugin for WordPress Local File Inclusion

The Ajax Pagination twitter Style plugin for WordPress installed on the remote host is affected by a local file inclusion vulnerability due to a failure to properly sanitize user-supplied input to the 'loop' parameter of the '/wp-admin/admin-ajax.php' script. A remote, unauthenticated attacker ca...

5.8AI score
Exploits0References1
seebug.org
seebug.org
added 2014/04/01 12:0 a.m.154 views

WordPress Ajax Pagination插件'admin-ajax.php'本地文件包含漏洞

Bugtraq ID:66526 WordPress是一款内容管理系统。 由于'admin-ajax.php'脚本没有正确过滤用户提交的输入,攻击者可以利用漏洞包含本地文件,以WEB权限查看系统文件。 0 WordPress Ajax Pagination Plugin 1.1 目前没有详细解决方案: http://wordpress.org/plugins/ajax-pagination/...

7.1AI score
Exploits0
Patchstack
Patchstack
added 2014/03/31 12:0 a.m.18 views

WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion

Ajax Pagination plugin is prone to a file inclusion vulnerability. It is exploitable by an unauthenticated user, who can include any local file ending in “.php” which is accessible to the web user. Solution Upgrade the plugin...

7.5CVSS2.5AI score0.15675EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2014/03/31 12:0 a.m.12 views

WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion

WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion Details ================ Software: Ajax Pagination twitter Style Version: 1.1 Homepage: http://wordpress.org/plugins/ajax-pagination/ CVSS: 9.3 High; AV:N/AC:M/Au:N/C:C/I:C/A:C Description ================ End-user exploitable local file...

7.3AI score
Exploits0
Rows per page
Query Builder