Lucene search
K

90 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.261 views

Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...

9.8CVSS7.4AI score0.78812EPSS
Exploits7
Patchstack
Patchstack
added 2024/07/11 9:51 a.m.5 views

WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...

6.5CVSS6.1AI score0.00371EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/07/11 6:15 a.m.5 views

CVE-2024-6138

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

4.8CVSS5.8AI score0.00371EPSS
Exploits1References1
NVD
NVD
added 2024/07/11 6:15 a.m.21 views

CVE-2024-6138

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

6.5CVSS0.00371EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/11 6:0 a.m.30 views

CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

0.00371EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.8 views

WordPress Secure Copy Content Protection and Content Locking Plugin < 4.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions 4.0.9 Fixed in 4.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6138 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 386e7454f8d8...

6.5CVSS5.8AI score0.00371EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/11 12:0 a.m.9 views

PT-2024-37413 · WordPress · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.0.9 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html...

6.5CVSS5.9AI score0.00371EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.4 views

WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

6.5CVSS6.6AI score0.00371EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/09 1:0 p.m.27 views

CVE-2024-32787 WordPress Secure Copy Content Protection and Content Locking plugin <= 3.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.7.1...

4.3CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2024/06/09 1:0 p.m.72 views

CVE-2024-32787

CVE-2024-32787 is a Missing Authorization vulnerability reported for the WordPress plugin Secure Copy Content Protection and Content Locking, affecting versions up to 3.7.1 (from n/a through 3.7.1). The initial description notes no exploitation details or mitigation. CVSSv3.1 data (source audit@p...

4.3CVSS4.6AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.4 views

WordPress plugin Secure Copy Content Protection and Content Locking 3.7.1 and security vulnerabilities

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wordPress plugin is an application plugin. A security vulnerability exists in the...

4.3CVSS6.7AI score0.00277EPSS
Exploits0References2
NVD
NVD
added 2024/04/29 1:15 p.m.16 views

CVE-2024-33587

Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.9.0...

5.3CVSS5.3AI score0.00384EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.6 views

WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

5.3CVSS6.7AI score0.00384EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.5 views

PT-2024-25355 · Unknown · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking versions 3.9.0 and earlier Description: A Missing Authorization issue has been identified, affecting Secure Copy Content Protection and Content Locking. The issue allows for potential...

5.3CVSS6.5AI score0.00384EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/25 2:36 p.m.5 views

WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 3.9.0...

5.3CVSS7AI score0.00384EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 1:35 p.m.3 views

WordPress Secure Copy Content Protection and Content Locking plugin <= 3.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 3.7.1...

4.3CVSS7AI score0.00277EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/05/17 12:0 a.m.32 views

GHSA-FJ9V-G8FW-VXMF Improper Privilege Management in craftercms

A logged-in and authenticated user with a Reviewer Role may lock a content item...

4.3CVSS4.5AI score0.0056EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/17 12:0 a.m.27 views

Improper Privilege Management in craftercms

A logged-in and authenticated user with a Reviewer Role may lock a content item...

4.3CVSS4.1AI score0.0056EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/05/16 5:5 p.m.78 views

CVE-2021-23265

Technical details about CVE-2021-23265 are not publicly provided in the supplied documents. The materials confirm a privilege-related issue in Crafter CMS allowing a Reviewer to lock content, but no specifics on affected versions or fix are included. Monitor for updates.

4.3CVSS4.2AI score0.0056EPSS
Exploits0References1Affected Software1
Metasploit
Metasploit
added 2022/02/25 5:43 p.m.203 views

Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi

Secure Copy Content Protection and Content Locking, a WordPress plugin, prior to 2.8.2 is affected by an unauthenticated SQL injection via the sccpid parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from thewpusers table of the affected WordPress...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
Rows per page
Query Builder