Lucene search
K

163 matches found

Patchstack
Patchstack
added 2024/07/29 12:0 a.m.10 views

WordPress Better Find and Replace Plugin <= 1.6.1 is vulnerable to PHP Object Injection

Software Better Find and Replace Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-39636 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID c0c0efbac1bd Credits Trình Vũ Sonicrrrr from VNPT-VCI...

8.3CVSS6.8AI score0.00378EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/07/22 11:15 a.m.4 views

CVE-2024-38759

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...

9.8CVSS5.8AI score0.00307EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.2 views

PT-2024-28200 · WordPress · Wp Media Sas Search & Replace

Name of the Vulnerable Software and Affected Versions: WP MEDIA SAS Search & Replace versions n/a through 3.2.2 Description: The issue is related to Deserialization of Untrusted Data, which affects the Search & Replace plugin. Recommendations: For versions n/a through 3.2.2, update to a version...

9.8CVSS6.8AI score0.00307EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/07/15 2:41 a.m.5 views

WordPress CM WordPress Search And Replace Plugin plugin < 1.3.9 - Plugin Reset via CSRF vulnerability

Plugin Reset via CSRF vulnerability discovered by Felipe Caon in WordPress Plugin CM On Demand Search And Replace versions 1.3.9...

6.5CVSS7AI score0.00224EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.14 views

WordPress CM On Demand Search And Replace Plugin < 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM On Demand Search And Replace Type Plugin Vulnerable versions 1.3.9 Fixed in 1.3.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5028 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 576a4082c0ff Credits Felipe...

6.5CVSS6.7AI score0.00224EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/07/13 6:0 a.m.32 views

CVE-2024-5028 CM WordPress Search And Replace Plugin < 1.3.9 - Plugin Reset via CSRF

The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

0.00224EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/13 6:0 a.m.12 views

CVE-2024-5028 CM WordPress Search And Replace Plugin < 1.3.9 - Plugin Reset via CSRF

The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

6.8AI score0.00224EPSS
Exploits1References1
CVE
CVE
added 2024/07/13 6:0 a.m.59 views

CVE-2024-5028

CVE-2024-5028 —The CM WordPress Search And Replace Plugin (pre-1.3.9) lacks CSRF checks in some areas, enabling attackers to induce logged-in users to perform unwanted actions via CSRF. Red Hat and Patchstack entries corroborate the issue and reference the same plugin/version window. Wordfence vu...

6.5CVSS6.8AI score0.00224EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/11 2:0 p.m.4 views

WordPress Search & Replace plugin <= 3.2.2 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Search & Replace versions = 3.2.2...

9.8CVSS7AI score0.00307EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/13 9:44 a.m.2 views

WordPress Search & Replace plugin < 3.2.2 - Admin+ SQL injection vulnerability

Admin+ SQL injection vulnerability discovered by Krugov Artyom in WordPress Plugin Search & Replace versions 3.2.2...

7.2CVSS8.2AI score0.00444EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/06/13 6:15 a.m.1 views

CVE-2024-4145

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network...

7.2CVSS5.8AI score0.00444EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.5 views

WordPress plugin Search & Replace security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.2CVSS8AI score0.00444EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.4 views

PT-2024-24361 · Kohya Ss · Kohya Ss

Name of the Vulnerable Software and Affected Versions: Kohya ss versions prior to 23.1.5 Description: Kohya ss is a GUI for Kohya's Stable Diffusion trainers. It is vulnerable to a path injection in the common gui.py find and replace function. Recommendations: For versions prior to 23.1.5, update...

6.5CVSS7.5AI score0.00652EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.4 views

PT-2024-6465 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814...

9.8CVSS7AI score0.05185EPSS
Exploits1References13
Fedora
Fedora
added 2024/03/07 10:33 p.m.29 views

[SECURITY] Fedora 40 Update: rsyntaxtextarea-3.1.3-11.fc40

RSyntaxTextArea is a customizable, syntax highlighting text component for Java Swing applications. Out of the box, it supports syntax highlighting for 40+ programming languages, code folding, search and replace, and has add-on libraries for code completion and spell checking. Syntax highlighting...

8.8CVSS9.1AI score0.02557EPSS
Exploits3
Patchstack
Patchstack
added 2024/01/19 12:0 a.m.17 views

WordPress Ninja Tables Plugin <= 5.0.5 is vulnerable to Broken Access Control

Software Ninja Tables Type Plugin Vulnerable versions = 5.0.5 Fixed in 5.0.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-23504 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 86a45ee34ff9 Credits emad Required privilege...

5.3CVSS6.6AI score0.00325EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/22 1:15 p.m.2 views

CVE-2023-28749

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin = 1.3.0 versions...

8.8CVSS7.3AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2023/11/22 1:15 p.m.36 views

CVE-2023-28749

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin = 1.3.0 versions...

8.8CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2023/11/22 1:2 p.m.42 views

CVE-2023-28749

CVE-2023-28749 : CSRF vulnerability in CM On Demand Search And Replace (WordPress plugin)

8.8CVSS6.5AI score0.00262EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/22 1:2 p.m.36 views

CVE-2023-28749 WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin = 1.3.0 versions...

4.3CVSS9AI score0.00262EPSS
Exploits0References1
Rows per page
Query Builder