Lucene search
K

147 matches found

OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.4 views

Configure a Proper Value for MaxAuthTries

MaxAuthTries indicates the maximum number of user authentication failures allowed in a single connection. If the number of user authentication failures exceeds the value, the connection is automatically disconnected. You are advised to set this field to a value less than or equal to 3. If this...

6.8AI score
Exploits0References3
Patchstack
Patchstack
added 2025/05/02 8:52 p.m.4 views

WordPress Job Listings plugin 0.1-0.1.1 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Job Listings versions 0.1-0.1.1...

9.8CVSS8.9AI score0.00481EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/23 8:51 p.m.11 views

WordPress Frontend Login and Registration Blocks plugin <= 1.0.7 - Authenticated (Subscriber+) Privilege Escalation via Password Reset vulnerability

Authenticated Subscriber+ Privilege Escalation via Password Reset vulnerability discovered by kr0d in WordPress Plugin Frontend Login and Registration Blocks versions = 1.0.8...

8.8CVSS8.4AI score0.00374EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/11 6:35 p.m.10 views

WordPress User Registration plugin <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability

Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability discovered by wesley wcraft in WordPress Plugin User Registration versions = 4.1.3...

5.3CVSS8.3AI score0.00266EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/11 6:23 p.m.5 views

WordPress WPC Admin Columns plugin 2.0.6-2.1.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update vulnerability

Authenticated Subscriber+ Privilege Escalation via User Meta Update vulnerability discovered by kr0d in WordPress Plugin WPC Admin Columns versions 2.0.6-2.1.0...

8.8CVSS8.3AI score0.00386EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/08 7:32 p.m.4 views

WordPress Vayu Blocks plugin 1.0.4-1.2.1 - Missing Authorization to Unauthenticated Limited Arbitrary Options Update vulnerability

Missing Authorization to Unauthenticated Limited Arbitrary Options Update vulnerability discovered by kr0d in WordPress Plugin Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce versions 1.0.4-1.2.1...

5.3CVSS8.3AI score0.00362EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2025/03/12 3:22 p.m.4 views

SUSE CVE-2025-24912

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

3.7CVSS6.9AI score0.00716EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.4 views

HCL DRYiCE MyXalytics 安全漏洞

HCL DRYiCE MyXalytics is a unified reporting and dashboard product from HCL Corporation, USA. A security vulnerability exists in HCL DRYiCE MyXalytics that stems from vulnerability to authentication failures...

9.8CVSS6.9AI score0.00386EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.27 views

WordPress Restaurant & Cafe Addon for Elementor Plugin <= 1.5.9 is vulnerable to Broken Access Control

Software Restaurant & Cafe Addon for Elementor Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10780 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

7AI score0.00377EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.32 views

WordPress AppPresser Plugin <= 4.4.6 is vulnerable to Privilege Escalation

Software AppPresser Type Plugin Vulnerable versions = 4.4.6 Fixed in 4.4.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-11024 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 25ae1391ba68 Credits shaman0x01...

9.8CVSS6.5AI score0.00678EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.16 views

WordPress Social Login Plugin <= 5.9.0 is vulnerable to Privilege Escalation

Software Social Login Type Plugin Vulnerable versions = 5.9.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-10961 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 284fa6881d99 Credits wesley wcraf...

9.8CVSS6.6AI score0.0117EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.33 views

WordPress Tutor LMS Plugin <= 2.7.6 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.6 Fixed in 2.7.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10393 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 196d31d95c65 Credits 1337Wannabe...

5.3CVSS6.9AI score0.00563EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.11 views

WordPress Easy Twitter Feed Plugin <= 1.2.6 is vulnerable to Broken Access Control

Software Easy Twitter Feed Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10666 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7120bb84b17b Credits Francesc...

4.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.13 views

WordPress Theme Builder For Elementor Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software Theme Builder For Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10782 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266b574a3c97...

4.3CVSS6.7AI score0.00456EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.17 views

WordPress Button Block Plugin <= 1.1.4 is vulnerable to Broken Authentication

Software Button Block Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10671 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID ae07da220d1c Credits...

6.5CVSS6.8AI score0.00506EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.18 views

WordPress UserPlus Plugin <= 2.0 is vulnerable to Privilege Escalation

Software UserPlus Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-52442 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 1a20cf86d1cd Credits João Pedro S...

9.8CVSS6.6AI score0.00488EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.17 views

WordPress External Database Based Actions Plugin <= 0.1 is vulnerable to Privilege Escalation

Software External Database Based Actions Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-10311 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID cd4901766574...

8.8CVSS6.8AI score0.00433EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/12 12:0 a.m.18 views

WordPress Styler for Ninja Forms Plugin <= 3.3.4 is vulnerable to Settings Change

Software Styler for Ninja Forms Type Plugin Vulnerable versions = 3.3.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Settings Change CVE CVE-2024-10717 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2b68f06a005e Credits...

6.5CVSS6.5AI score0.00398EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.19 views

WordPress Th Shop Mania Theme <= 1.4.9 is vulnerable to Arbitrary Code Execution

Software Th Shop Mania Type Theme Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary Code Execution CVE CVE-2024-10674 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 314680b4b995 Credits Sean...

8.8CVSS6.7AI score0.01683EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.21 views

WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication

Software Heateor Social Login Type Plugin Vulnerable versions = 1.1.35 Fixed in 1.1.36 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10020 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0cb2e3c4d2f1 Credits...

8.1CVSS6.8AI score0.00504EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder