CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2026/02/19 7:17 a.m.•4 views

CVE-2025-12845

The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to unauthorized access of data that leads to privilege escalation due to a missing capability check on the gettabledata function in versions 0.5.4 to 1.2.1. This makes it possible...

8.8CVSS0.0007EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-27178

Malicious code in bioql PyPI...

4.3CVSS8.9AI score0.00222EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-16854

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00717EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-57732

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00111EPSS

Exploits0References2

CNNVD•added 2025/09/10 12:0 a.m.•1 views

WordPress plugin Maspik 安全漏洞

WordPress Maspik plugin is an anti-spam plugin for WordPress that is mainly used to protect website contact forms, comment areas and signup forms from spam. WordPress Maspik plugin suffers from an authorization issue vulnerability that stems from a lack of capability check in the function...

4.3CVSS6.6AI score0.00064EPSS

Exploits0References4

NVD•added 2025/07/09 12:15 a.m.•3 views

CVE-2025-3780

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfmredirecttosetup function in all versions up to, and including, 6.7.16. This makes i...

6.5CVSS0.00478EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 10:44 a.m.•3 views

CVE-2024-9824

The ImagePress – Image Gallery plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'ipdeletepost' and 'ipupdateposttitle' functions in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers...

4.3CVSS6.6AI score0.00147EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:44 a.m.•4 views

CVE-2024-9187

The Read more By Adam plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteRm function in all versions up to, and including, 1.1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete read...

4.3CVSS6.4AI score0.00133EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:9 a.m.•4 views

CVE-2024-1994

The Image Watermark plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the watermarkactionajax function in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with subscriber-level access and above...

4.3CVSS6.4AI score0.0009EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:41 a.m.•8 views

CVE-2024-6465

The WP Links Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wplfajaxupdatescreenshots' function in all versions up to, and including, 4.9.5. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.5AI score0.00108EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:31 a.m.•8 views

CVE-2023-5251

The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'gridplussavelayoutcallback' and 'gridplusdeletecallback' functions in versions up to, and including, 1.3.2. This makes it possible for authenticated...

5.4CVSS6.6AI score0.00062EPSS

Exploits0References1