Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/06/24 6:0 a.m.37 views

CVE-2026-9709 Themeco Cornerstone < 7.8.9 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Meta Disclosure

The Cornerstone WordPress plugin before 7.8.9 does not enforce capability checks on one of its REST API routes, allowing any authenticated user to disclose the metadata of any other user, including roles, session token previews and stored billing/shipping fields. This affects the premium co...

0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2663

Malware in sbrugna...

6.1CVSS6.7AI score0.00645EPSS
Exploits0References3
CVE
CVE
added 2025/08/07 12:0 a.m.20 views

CVE-2025-54397

CVE-2025-54397 affects Netwrix Directory Manager (formerly Imanami GroupID) versions 11.0.0.0 through 11.1.25161.02. The issue: sensitive information is inserted into data sent to authenticated users, exposing data during transit. The CVSS v3.1 base score is 4.3 (Medium) with network attack vecto...

4.3CVSS6.3AI score0.00251EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 6:38 a.m.8 views

CVE-2017-15196

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user...

4.3CVSS6.7AI score0.01191EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 1:43 a.m.60 views

CVE-2025-3851

CVE-2025-3851 affects the WordPress plug‑in WP SmartPay (Download Manager and Payment Form) . The issue is an Insecure Direct Object Reference in the show() function caused by missing validation on a user‑controlled key, which could allow an authenticated attacker with Subscriber+ privileges to v...

4.3CVSS4.4AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/22 4:22 a.m.20 views

CVE-2024-43196

IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses...

4.3CVSS6.4AI score0.00219EPSS
Exploits0
OSV
OSV
added 2020/01/28 7:15 p.m.4 views

CVE-2019-4636

IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. IBM X-Force ID: 170013...

2.7CVSS6AI score0.00803EPSS
Exploits0References2
Rows per page
Query Builder