Lucene search
K

51 matches found

Cvelist
Cvelist
added 2026/04/08 11:16 a.m.22 views

CVE-2026-1672 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the wooberedrawtablerow function. This makes it possibl...

6.5CVSS0.00176EPSS
Exploits0References4
HackRead
HackRead
added 2025/12/08 1:13 p.m.6 views

Space Bears Ransomware Claims Comcast Data Theft Through Quasar Breach

Space Bears ransowmare claims it obtained Comcast files through a breach at Quasar Inc, with threats to publish the data and separate leaks promised from Quasar itself...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11290

Malicious code in bioql PyPI...

5.3CVSS3.9AI score0.00463EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21756

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00732EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11367

Malicious code in bioql PyPI...

4.8CVSS4AI score0.00278EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/07/19 1:57 a.m.10 views

CVE-2025-5396

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackupajaxhandle function not having a capability check, nor validating user supplied input passed directly to calluserfunc. This makes it possible for...

9.8CVSS8.2AI score0.47809EPSS
Exploits3References1
NVD
NVD
added 2025/07/17 2:15 a.m.13 views

CVE-2025-5396

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackupajaxhandle function not having a capability check, nor validating user supplied input passed directly to calluserfunc. This makes it possible for...

9.8CVSS0.00732EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/07/17 1:44 a.m.7 views

CVE-2025-5396 Bears Backup <= 2.0.0 - Unauthenticated Remote Code Execution

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackupajaxhandle function not having a capability check, nor validating user supplied input passed directly to calluserfunc. This makes it possible for...

9.8CVSS7.1AI score0.00732EPSS
Exploits3References2
CVE
CVE
added 2025/07/17 1:44 a.m.38 views

CVE-2025-5396

CVE-2025-5396 affects the Bears Backup plugin for WordPress (all versions up to 2.0.0). Root cause: bbackup_ajax_handle() lacks a capability check and passes unsanitized input directly to call_user_func(), enabling unauthenticated remote code execution. Impact includes potential backdoors or crea...

9.8CVSS7.8AI score0.47809EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/07/17 1:44 a.m.24 views

CVE-2025-5396 Bears Backup <= 2.0.0 - Unauthenticated Remote Code Execution

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackupajaxhandle function not having a capability check, nor validating user supplied input passed directly to calluserfunc. This makes it possible for...

9.8CVSS0.00732EPSS
Exploits3References2
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.4 views

WordPress plugin Bears Backup 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

9.8CVSS7.9AI score0.00732EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.2 views

PT-2025-29897 · Alone +1 · Alone +1

Name of the Vulnerable Software and Affected Versions: Bears Backup versions prior to 2.0.1 Description: The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to and including 2.0.0. This is due to the bbackup ajax handle function lacking capability check...

9.8CVSS7.5AI score0.00732EPSS
Exploits3References7
RedhatCVE
RedhatCVE
added 2025/04/26 12:25 a.m.8 views

CVE-2025-3688

A vulnerability, which was classified as problematic, was found in mirweiye Seven Bears Library CMS 2023. This affects an unknown part of the component Background Management Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

4.8CVSS6.2AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/26 12:22 a.m.8 views

CVE-2025-3691

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

5.3CVSS7AI score0.00463EPSS
Exploits1References1
OSV
OSV
added 2025/04/16 1:15 p.m.3 views

CVE-2025-3691

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

5.3CVSS4.8AI score0.00463EPSS
Exploits1References4
NVD
NVD
added 2025/04/16 1:15 p.m.21 views

CVE-2025-3691

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

5.3CVSS0.00463EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/16 1:0 p.m.11 views

CVE-2025-3691 mirweiye Seven Bears Library CMS Add Link server-side request forgery

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

5.1CVSS4.2AI score0.00463EPSS
Exploits1References4
CVE
CVE
added 2025/04/16 1:0 p.m.68 views

CVE-2025-3691

CVE-2025-3691 affects mirweiye Seven Bears Library CMS (2023) via the Add Link Handler. Reported vulnerability is server-side request forgery (SSRF) that can be triggered remotely. Several sources confirm remote exploitation and public disclosure; no explicit patch details are provided in the sup...

5.3CVSS3.8AI score0.00463EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/04/16 1:0 p.m.18 views

CVE-2025-3691 mirweiye Seven Bears Library CMS Add Link server-side request forgery

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

5.1CVSS0.00463EPSS
Exploits1References4
NVD
NVD
added 2025/04/16 12:15 p.m.16 views

CVE-2025-3688

A vulnerability, which was classified as problematic, was found in mirweiye Seven Bears Library CMS 2023. This affects an unknown part of the component Background Management Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

4.8CVSS0.00278EPSS
Exploits0References4
Rows per page
Query Builder