Lucene search
K

8 matches found

Nuclei
Nuclei
added yesterday12 views

10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service. id: CVE-2023-5559 info: name: 10Web Booster 2.24.18 - Unauthenticated Arbitra...

9.1CVSS7.3AI score0.02811EPSS
Exploits2References2
CVE
CVE
added 2025/05/01 4:22 a.m.68 views

CVE-2025-3952

CVE-2025-3952: Projectopia – WordPress Project Management plugin (versions

8.1CVSS6.6AI score0.00361EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/20 6:42 a.m.13 views

CVE-2024-10855 Image Optimizer, Resizer and CDN – Sirv <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirvuploadfilebychunks function and lack of in all versions up to, and including...

8.1CVSS6.7AI score0.00517EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/19 8:3 p.m.19 views

WordPress Sirv plugin <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Option Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Sirv versions = 7.3.0...

8.1CVSS7AI score0.00517EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/13 2:2 a.m.13 views

CVE-2024-10717 Styler for Ninja Forms <= 3.3.4 - Authenticated (Subscriber+) Arbitrary Option Deletion via deactivate_license

The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the deactivatelicense function in all versions up to, and including, 3.3.4. This makes it possible for authenticated...

6.5CVSS6.6AI score0.00398EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/13 2:2 a.m.14 views

CVE-2024-10717 Styler for Ninja Forms <= 3.3.4 - Authenticated (Subscriber+) Arbitrary Option Deletion via deactivate_license

The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the deactivatelicense function in all versions up to, and including, 3.3.4. This makes it possible for authenticated...

6.5CVSS0.00398EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/29 3:6 p.m.24 views

CVE-2024-43939 WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Arbitrary Option Deletion vulnerability

Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9...

6.5CVSS6.5AI score0.00334EPSS
Exploits0References1
Patchstack
Patchstack
added 2022/01/17 12:0 a.m.12 views

WordPress WP Ultimate CSV Importer plugin <= 6.4.1 - Arbitrary Option Deletion vulnerability

Arbitrary Option Deletion vulnerability discovered by WPScanTeam in WordPress WP Ultimate CSV Importer plugin versions = 6.4.1. Solution Update the WordPress WP Ultimate CSV Importer plugin to the latest available version at least 6.4.2...

2.9AI score
Exploits0References2Affected Software1
Rows per page
Query Builder