Lucene search
K

16 matches found

CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

WordPress plugin Amelia Booking 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS7.5AI score0.00382EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/30 12:0 a.m.9 views

WordPress plugin StreamTube Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An arbitrary user password change vulnerability exists in the WordPress StreamTube Core plugin that originates from providing user-controlled access to objects, allowing a user ...

9.8CVSS6.6AI score0.00324EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-34027

Malicious code in bioql PyPI...

7.2CVSS7.7AI score0.00718EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-43755

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00729EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.8 views

CVE-2023-2548

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...

7.2CVSS6.5AI score0.00718EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/04/23 12:0 a.m.6 views

Developing a Blockchain-Based Secure Digital Contents Distribution System

As digital content distribution expands rapidly through online platforms, securing digital media and protecting intellectual property has become increasingly complex. Traditional centralized systems, while widely adopted, suffer from vulnerabilities such as single points of failure and limited...

7.1AI score
Exploits0
OSV
OSV
added 2025/01/09 8:15 p.m.4 views

CVE-2024-10215

The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.6.4. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

9.8CVSS5.8AI score0.0064EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/09/14 12:0 a.m.11 views

Simplr Registration Form Plus+ <= 2.4.5 - Subscriber+ Arbitrary User Password Change via IDOR

Description The plugin is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated...

8.8CVSS6.2AI score0.00615EPSS
Exploits0
CVE
CVE
added 2023/09/13 2:54 a.m.57 views

CVE-2023-4213

CVE-2023-4213 concerns the WordPress plugin Simplr Registration Form Plus+ (up to version 2.4.5). The vulnerability is an Insecure Direct Object Reference (IDOR) that lets an authenticated user with subscriber-level permissions or higher access objects controlled by the user, bypass authorization...

8.8CVSS8.4AI score0.00615EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/07/12 5:15 a.m.41 views

CVE-2023-3105

The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

8.8CVSS8.6AI score0.02233EPSS
Exploits2References2
Prion
Prion
added 2023/07/12 5:15 a.m.36 views

Authorization

The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

6.5CVSS8.5AI score0.02233EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2023/06/30 2:15 a.m.22 views

CVE-2023-3063

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...

8.8CVSS8.5AI score0.00729EPSS
Exploits0References2
Prion
Prion
added 2023/06/30 2:15 a.m.16 views

Authorization

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...

6.5CVSS8.4AI score0.00729EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/16 9:15 a.m.10 views

CVE-2023-2548

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...

7.2CVSS6.4AI score0.00718EPSS
Exploits0References2
Prion
Prion
added 2023/05/16 9:15 a.m.18 views

Authorization

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...

5.8CVSS6.7AI score0.00718EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2013/07/17 4:10 p.m.25 views

Cisco Unified Communications Manager Privilege Escalation Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM could allow an authenticated, local attacker to escalate privileges on the system. The vulnerability is due to improper file permissions on a privileged system binary. An attacker could exploit this vulnerability by modifying a...

6.8CVSS2.7AI score0.00357EPSS
Exploits0References1
Rows per page
Query Builder