9655 matches found
CVE-2026-1927
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with...
EUVD-2026-5554
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.5.7. This makes it possible for authenticated attackers, with...
CVE-2025-15507
The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsyncusage function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2025-15285
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...
CVE-2026-0572
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
CVE-2025-14079
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.3.5. This is due to missing capability checks on the ehcrmticketgeneral function combined with a shared nonce that is exposed to low-privileg...
CVE-2025-13416
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...
CVE-2025-13416
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...
EUVD-2025-206868
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...
WordPress plugin ProfileGrid – User Profiles, Groups and Communities 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Greenshift 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-5876
Name of the Vulnerable Software and Affected Versions ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions through 5.9.7.2 Description The ProfileGrid plugin for WordPress is susceptible to unauthorized user suspension. This occurs because of a missing capability chec...
Microsoft Azure Functions 信息泄露漏洞
Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that delivers event-driven and scheduled compute resources for Azure cloud services. An information disclosure vulnerability exists in Microsoft Azure Functions, which can be exploited by an...
PT-2026-6555
Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks plugin for WordPress versions through 12.5.7 Description The plugin is susceptible to unauthorized data access because of a missing capability check within the greenshift app pass validation...
CVE-2026-0572
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
CVE-2025-15507
The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsyncusage function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2025-15285
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...
CVE-2026-0572 WebPurify Profanity Filter <= 4.0.2 - Missing Authorization to Unauthenticated Plugin Settings Change via webpurify_save_options
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
CVE-2026-0572
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
EUVD-2026-5413
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...