3928 matches found
CVE-2023-53914
UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...
EUVD-2025-204091
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through = 8.6.9...
EUVD-2025-204189
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...
EUVD-2025-204195
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...
EUVD-2025-204231
Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through = 1.2...
CVE-2025-64188
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through = 8.6.9...
CVE-2025-59134
Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...
CVE-2025-58710
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...
CVE-2025-55707
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...
CVE-2025-64188
CVE-2025-64188 affects the WordPress plugin/theme PenciDesign Soledad (versions n/a–8.6.9). Root cause: incorrect privilege assignment that enables privilege escalation. Impact: subscribers can potentially take over WordPress sites. Remediation: update Soledad to a version later than 8.6.9 (per P...
CVE-2025-59134 WordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...
CVE-2025-59134 WordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...
CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...
CVE-2025-58710
CVE-2025-58710 affects the WordPress e-plugins Hotel Listing plugin (hotel-listing component) up to version 1.4.0. Root cause: incorrect privilege assignment that allows privilege escalation. CVSS 3.1 base score 8.6 (HIGH), with confidentiality impact HIGH and other partial impacts. Remediation: ...
CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...
CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...
CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...
CVE-2025-49379 WordPress Custom Fields Account Registration For Woocommerce plugin <= 1.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through = 1.2...
EUVD-2023-60216
UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...
WordPress plugin PenciDesign Soledad 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...