Lucene search
K

13 matches found

EUVD
EUVD
added 2026/05/19 9:19 a.m.9 views

EUVD-2026-30857

The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitrary frontend user group to a newly registered or edited account, gaining unauthorized access to...

6.9CVSS5.9AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2025/04/22 11:12 a.m.55 views

CVE-2024-11299

CVE-2024-11299 (Memberpress for WordPress) affects WordPress Memberpress plugin versions up to and including 1.11.37. The issue is an unauthenticated content-restriction bypass via WordPress core search, enabling attackers to exfiltrate sensitive data from restricted posts (e.g., those limited to...

7.5CVSS5.3AI score0.00295EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/03/04 11:20 p.m.4 views

WordPress Content Control plugin <= 2.5.0 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Content Control versions = 2.5.0...

5.3CVSS6.9AI score0.00385EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/07 10:0 a.m.8 views

WordPress Passster plugin <= 4.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Passster versions = 4.2.10...

7.5CVSS6.9AI score0.0039EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/07 6:40 a.m.7 views

CVE-2024-11282 Passster – Password Protect Pages and Content <= 4.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that...

5.3CVSS6.9AI score0.0039EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/18 11:9 a.m.27 views

CVE-2024-11291 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.4 via the WordPress core search feature. This makes it possible for unauthenticated...

5.3CVSS0.00457EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/18 7:2 a.m.14 views

CVE-2024-11295 Simple Page Access Restriction <= 1.0.29 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been...

5.3CVSS6.9AI score0.00452EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/17 1:6 a.m.4 views

WordPress PPWP – Password Protect Pages plugin <= 1.9.5 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin PPWP versions = 1.9.5...

5.3CVSS7.3AI score0.00402EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/12/16 10:22 p.m.5 views

WordPress Memberful plugin <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Memberful - Membership Plugin versions = 1.73.9...

5.3CVSS7AI score0.00452EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/26 10:21 p.m.4 views

WordPress ProfilePress plugin <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin ProfilePress versions = 4.15.18...

5.3CVSS6.9AI score0.00399EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/21 11:31 p.m.4 views

WordPress Anonymous Restricted Content plugin <= 1.6.5 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Anonymous Restricted Content versions = 1.6.5...

5.3CVSS6.9AI score0.00552EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2005/06/14 4:0 a.m.15 views

CVE-2005-1215

Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers...

7.5CVSS6.6AI score0.19035EPSS
Exploits0References5
Symantec
Symantec
added 2005/06/14 12:0 a.m.23 views

Microsoft ISA Server HTTP Request Smuggling Vulnerability

Description Microsoft Internet Security and Acceleration ISA server is reported prone to a HTTP request smuggling attack. The vendor reports that Microsoft ISA server fails to correctly handle an invalid HTTP request that contains multiple 'Content-Length' values in an invalid HTTP header. A remo...

0.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder