Lucene search
K

8 matches found

CNVD
CNVD
added 2025/10/21 12:0 a.m.4 views

WordPress Classified Pro plugin Unauthorized Plugin Installation Vulnerability

WordPress Classified Pro plugin is a plugin for quickly creating a classified ad section on a WordPress website, supporting different scenarios of listings management such as automotive, second-hand trading, etc., and providing features such as searching, ad space configuration, and text...

8.8CVSS7.9AI score0.00584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/17 7:50 a.m.7 views

CVE-2025-10706

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.7AI score0.00584EPSS
Exploits0References1
NVD
NVD
added 2025/10/16 7:15 a.m.3 views

CVE-2025-10706

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS0.00584EPSS
Exploits0References2
CVE
CVE
added 2025/10/16 6:47 a.m.18 views

CVE-2025-10706

CVE-2025-10706 pertains to the Classified Pro WordPress theme. Wordfence and CVE records confirm a missing capability check in cwp_addons_update_plugin_cb across all versions

8.8CVSS6.3AI score0.00584EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/16 6:47 a.m.4 views

EUVD-2025-34723

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.2AI score0.00584EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/16 6:47 a.m.3 views

CVE-2025-10706 Classified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.3AI score0.00584EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/16 6:47 a.m.7 views

CVE-2025-10706 Classified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwpaddonsupdateplugincb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS0.00584EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.3 views

WordPress plugin Classified Pro 安全漏洞

WordPress Classified Pro plugin is a plugin for quickly creating a classified ad section on a WordPress website, supporting different scenarios of listings management such as automotive, second-hand trading, etc., and providing features such as searching, ad space configuration, and text...

8.8CVSS7.8AI score0.00584EPSS
Exploits0References2
Rows per page
Query Builder