Lucene search
K

225 matches found

WPVulnDB
WPVulnDB
added 2024/05/24 12:0 a.m.18 views

The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access

Description The plugin does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc. PoC Free: 1. ADMIN: Install The Events Calendar 2. ADMIN: Create events with each status: published,...

9.4AI score0.00464EPSS
Exploits2Affected Software1
NVD
NVD
added 2024/04/02 3:15 p.m.37 views

CVE-2024-30248

Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Piccolo's admin panel allows media files to be uploaded. As a default, SVG is an allowed file type for upload. An attacker can upload an SVG which when loaded can allow arbitrary access to the admin...

7.7CVSS7.6AI score0.00493EPSS
Exploits0References2
OSV
OSV
added 2024/04/02 2:55 p.m.33 views

CVE-2024-30248 Piccolo Admin's raw SVG loading may lead to complete data compromise from admin page

Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Piccolo's admin panel allows media files to be uploaded. As a default, SVG is an allowed file type for upload. An attacker can upload an SVG which when loaded can allow arbitrary access to the admin...

7.7CVSS7.5AI score0.00493EPSS
Exploits0References4
CVE
CVE
added 2024/04/02 2:55 p.m.75 views

CVE-2024-30248

CVE-2024-30248 affects Piccolo Admin, the Python-based admin interface for Piccolo. The vulnerability arises from SVG uploads being allowed by default, allowing an attacker to load a malicious SVG that can grant arbitrary access to the admin page. The root cause is insufficient validation/handlin...

7.7CVSS7.5AI score0.00493EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.18 views

Meta Box < 5.9.4 - Contributor+ Arbitrary Posts' Custom Field Disclosure

Description The plugin does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts. PoC 1. ADMIN: Install Meta Box 2. ADMIN: Add Meta Box fields through code or the premium add-on...

6.8AI score0.00501EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/06 8:21 p.m.11 views

CVE-2024-27916 `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user

Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints GetRepositoryByName, DeleteRepositoryByName, and GetArtifactByName to access any repository in the database, irrespective of who owns the repo and any permissions present. The databas...

7.1CVSS6.5AI score0.00666EPSS
Exploits1References4
OSV
OSV
added 2024/03/05 4:20 p.m.20 views

GHSA-V627-69V2-XX37 `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user

Summary A Minder user can use the endpoints listed in the issue title to access any repository in the DB, irrespective of who owns the repo and any permissions that user may have. Details...

7.1CVSS6.9AI score0.00666EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/12/11 7:22 p.m.8 views

CVE-2023-5907 File Manager < 6.3 - Admin+ Arbitrary OS File/Folder Access + Path Traversal

The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowe...

6.4AI score0.0085EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/11/06 12:0 a.m.8 views

Mmm Simple File List <= 2.3 - Subscriber+ Arbitrary Directory Listing

Description The plugin does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary directories. PoC Run the below command in the developer console of the web browser while being on the blog as a subscriber user...

4.3CVSS6AI score0.00637EPSS
Exploits2
NVD
NVD
added 2023/10/16 8:15 p.m.23 views

CVE-2023-3154

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

7.5CVSS7.5AI score0.00701EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/09/25 3:56 p.m.14 views

CVE-2023-3664 FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access

The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...

6.8AI score0.008EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2023/09/25 12:0 a.m.11 views

NextGEN Gallery < 3.39 - Admin+ PHAR Deserialization

Description The plugin is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server. PoC 1. Ensure your WordPress installation is using PHP version 7.4 or earlier. 2. Create a...

7.5CVSS7.7AI score0.00701EPSS
Exploits2Affected Software1
Cvelist
Cvelist
added 2023/09/11 7:46 p.m.22 views

CVE-2023-4318 Herd Effects < 5.2.4 - Effect Deletion via CSRF

The Herd Effects WordPress plugin before 5.2.4 does not have CSRF when deleting its items, which could allow attackers to make logged in admins delete arbitrary effects via a CSRF attack...

5AI score0.00218EPSS
Exploits2References1
NVD
NVD
added 2023/09/04 12:15 p.m.22 views

CVE-2023-3814

The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server...

4.9CVSS5.1AI score0.00505EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/09/04 11:27 a.m.28 views

CVE-2023-3814 Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server...

5.4AI score0.00505EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/08/25 12:0 a.m.4 views

e-Excellence U-Office Force 路径遍历漏洞

e-Excellence U-Office Force is an e-Office platform from China First Class Technology e-Excellence. A path traversal vulnerability exists in e-Excellence U-Office Forc, which can be exploited by an attacker to read arbitrary system files...

7.5CVSS7.5AI score0.00871EPSS
Exploits0References2
wpexploit
wpexploit
added 2023/08/14 12:0 a.m.146 views

Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

Description The plugin does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server. On a multisite installation, log in as a site admin. Notice that you are able to manage files on the server using this...

4.9CVSS5.2AI score0.00505EPSS
Exploits1
wpexploit
wpexploit
added 2023/08/07 12:0 a.m.153 views

Simple Blog Card < 1.32 - Subscriber+ Arbitrary Post Access

Description The plugin does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones Run the below command in the developer console ...

4.3CVSS4.7AI score0.00453EPSS
Exploits2
Veracode
Veracode
added 2023/08/06 11:23 p.m.30 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in the Media of the library, allowing an attacker to perform arbitrary read/write via a maliciously crafted HTML page...

8.8CVSS6.7AI score0.0055EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2023/06/07 2:15 a.m.15 views

CVE-2021-4347

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

9.9CVSS9.3AI score0.00654EPSS
Exploits1References2
Rows per page
Query Builder