Lucene search
+L

90 matches found

CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

WordPress plugin WP Social Ninja 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

6.5CVSS6.5AI score0.00221EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/12 6:31 a.m.6 views

EUVD-2025-202985

The Simple Theme Changer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the userthemeadmin, displaymethodadmin, and setchangethemebuttonname actions actions in all versions up to, and including, 1.0. This makes it possible for...

4.3CVSS4.6AI score0.00164EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/12 3:20 a.m.5 views

EUVD-2025-202969

The Product Filtering by Categories, Tags, Price Range for WooCommerce – Filter Plus plugin for WordPress is vulnerable to unauthorized modification of data in all versions up to, and including, 1.1.5 due to a missing capability check on the 'filtersavesettings' and 'addfilteroptions' AJAX action...

5.3CVSS5AI score0.00249EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

WordPress plugin Infility Global 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS6.8AI score0.00515EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin Ultra Addons for Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security vulnerability exists in...

4.3CVSS6.3AI score0.00343EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.16 views

CVE-2025-12721

The g-FFL Cockpit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the /serverstatus REST API endpoint due to a lack of capability checks. This makes it possible for unauthenticated attackers to extract information about the serv...

5.3CVSS5.6AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2025/11/05 6:35 a.m.22 views

CVE-2025-11373

CVE-2025-11373 concerns the Depicter Popup & Slider Builder for WordPress. The root cause is a missing capability check in the depicter-media-upload AJAX route, affecting all versions up to and including 4.0.4. This enables authenticated attackers with Contributor-level access or higher to upload...

4.3CVSS5.1AI score0.00228EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.8 views

WordPress plugin Product Filter by WBW security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.8 views

WordPress plugin NGINX Cache Optimizer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.3AI score0.00184EPSS
Exploits0References3
NVD
NVD
added 2025/10/24 9:15 a.m.8 views

CVE-2025-11887

The Supervisor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update...

4.3CVSS0.00184EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/24 8:24 a.m.5 views

EUVD-2025-35806

The Microsoft Azure Storage for WordPress plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Deletion in all versions up to, and including, 4.5.1. This is due to missing capability checks on the 'azure-storage-media-replace' AJAX action. This makes it possible for authenticated...

5.4CVSS5.2AI score0.00247EPSS
Exploits0References4
NVD
NVD
added 2025/10/15 9:15 a.m.12 views

CVE-2025-11196

The External Login plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.11.2 due to the 'exlogtestconnection' AJAX action lacking capability checks or nonce validation. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS0.00251EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/15 8:25 a.m.6 views

EUVD-2025-34549

The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7librarymanagementajaxhandler function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with...

4.3CVSS4.7AI score0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48316

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00266EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/20 12:0 a.m.6 views

PT-2025-38630

Name of the Vulnerable Software and Affected Versions Secure Passkeys plugin for WordPress versions up to and including 1.2.1 Description The Secure Passkeys plugin for WordPress is susceptible to unauthorized access due to a missing capability check within the delete passkey and passkeys list...

5.3CVSS5.5AI score0.00211EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/11 7:16 a.m.8 views

CVE-2025-9542

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on multiple plugin's functions in all versions up to, and including, 5.3.7...

5.4CVSS5.1AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.14 views

WordPress plugin LiquidThemes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

4.3CVSS6.4AI score0.00182EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/15 12:0 a.m.3 views

WordPress B Slider - Gutenberg Slider Block for WP plugin code execution vulnerability

WordPress B Slider - Gutenberg Slider Block for WP plugin is a core editor plugin that comes with WordPress and is part of the Gutenberg editor that was introduced in WordPress version 5.9. A code execution vulnerability exists in WordPress B Slider- Gutenberg Slider Block for WP plugin, which...

8.8CVSS7.6AI score0.00587EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/02 12:0 a.m.5 views

WordPress plugin Ultimate Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.3AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.4 views

WordPress plugin Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Malcure...

6.5CVSS6.4AI score0.00309EPSS
Exploits0References3
Rows per page
Query Builder