9 matches found
CVE-2026-1935
The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to 1.0.0 due to a missing capability check in linkedin_company_post_reset_handler() hooked to admin_post_reset_linkedin_company_post. This allows authenticated attackers with Subscriber-l...
CVE-2025-59022
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering the website...
CVE-2025-59022
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering the website...
PT-2026-2476
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering the website...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system from TYPO3 open source. A security vulnerability exists in TYPO3 CMS that originates from a back-end user with Recycle Bin Module access that can delete arbitrary data from any TCA-defined database table, potentially resulting in the erasure and corruption...
CVE-2025-14741
CVE-2025-14741 affects Frontend Admin by DynamiApps (WordPress) up to version 3.28.25. The issue is missing authorization for data deletion via the delete_object path, enabling unauthenticated attackers to delete posts, pages, products, taxonomy terms, and user accounts. Wordfence’s coverage conf...
PT-2025-6589 · WordPress · Read More & Accordion
Name of the Vulnerable Software and Affected Versions: Read More & Accordion plugin for WordPress versions up to, and including, 3.4.2 Description: The issue is related to a missing capability check on the expmDeleteData function, which allows authenticated attackers with Subscriber-level access...
WordPress WP ULike 2.8.1 / 3.1 Arbitrary Data Deletion Vulnerability
WordPress WP ULike plugin versions 2.8.1 and 3.1 suffer from an arbitrary data deletion vulnerability. Details ================ Software: WP ULike Version: 2.8.1,3.1 Homepage: https://wordpress.org/plugins/wp-ulike/ Advisory report: https://advisories.dxw.com/advisories/wp-ulike-delete-rows/ CVE:...
Solr 3.5.0 - Arbitrary Data Deletion
Exploit for java platform in category web applications Exploit Title: All Solr Data Can Be Delete Google Dork: intext:Schema Config Analysis Schema Browser Statistics Info Distribution Ping Logging Date: 5/2/2016 Exploit Author: N37 Myanmar Vendor Homepage: http://lucene.apache.org/solr/ Software...