Lucene search
K

9 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.21 views

ProjectSend <= r1605 - Improper Authorization

An improper authorization check was identified within ProjectSend version r1605 that allows an attacker to perform sensitive actions such as enabling user registration and auto validation, or adding new entries in the whitelist of allowed extensions for uploaded files. Ultimately, this allows to...

9.8CVSS9.3AI score0.91559EPSS
Exploits4References3
CNVD
CNVD
added 2025/11/12 12:0 a.m.4 views

WordPress WPFunnels plugin unauthorized user registration vulnerability

WordPress WPFunnels plugin is a funnel builder designed for WordPress and WooCommerce. WordPress WPFunnels plugin suffers from an unauthorized user registration vulnerability that stems from relying on the user control value optinallowregistration to determine user registration permissions, which...

5.3CVSS6.8AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/08 6:30 a.m.5 views

EUVD-2025-38358

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled value...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References3
NVD
NVD
added 2025/11/08 4:15 a.m.12 views

CVE-2025-12353

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled value...

5.3CVSS0.00219EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/08 3:27 a.m.6 views

CVE-2025-12353 WPFunnels <= 3.6.2 - Unauthorized User Registration

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled value...

5.3CVSS0.00219EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/08 3:27 a.m.3 views

CVE-2025-12353 WPFunnels <= 3.6.2 - Unauthorized User Registration

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled value...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References2
CVE
CVE
added 2025/11/08 3:27 a.m.20 views

CVE-2025-12353

The CVE-2025-12353 issue affects the WordPress WPFunnels plugin (versions up to 3.6.2). The vulnerability stems from the plugin relying on a user-controlled value, optin_allow_registration, to decide if user registration is allowed, instead of the site-wide setting. This enables unauthenticated a...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/08 12:0 a.m.4 views

WordPress plugin WPFunnels 安全漏洞

WordPress WPFunnels plugin is a funnel builder designed for WordPress and WooCommerce. WordPress WPFunnels plugin suffers from an unauthorized user registration vulnerability that stems from relying on the user control value optinallowregistration to determine user registration permissions, which...

5.3CVSS6.7AI score0.00219EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2016/10/28 12:0 a.m.8 views

VulnCheck KEV: CVE-2016-8870

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting...

8.1CVSS7.4AI score0.82086EPSS
Exploits7References1
Rows per page
Query Builder