Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-52790

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00501EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:58 a.m.6 views

CVE-2024-55517

An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session...

8.8CVSS7.8AI score0.00501EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 9:13 p.m.11 views

CVE-2024-11299

The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

7.5CVSS6.9AI score0.00295EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/22 11:12 a.m.10 views

CVE-2024-11299 Memberpress <= 1.11.37 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

5.3CVSS7.1AI score0.00295EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.3 views

WordPress plugin Memberpress 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

7.5CVSS7.5AI score0.00295EPSS
Exploits0References2
OSV
OSV
added 2025/01/26 7:15 a.m.1 views

CVE-2024-11090

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have bee...

7.5CVSS7.3AI score0.00439EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/26 12:0 a.m.6 views

PT-2025-1619 · WordPress · Membership Plugin – Restrict Content

Name of the Vulnerable Software and Affected Versions: The Membership Plugin – Restrict Content plugin for WordPress versions up to, and including, 3.2.13 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as...

7.5CVSS6.9AI score0.00439EPSS
Exploits0References11
NVD
NVD
added 2025/01/08 4:15 p.m.7 views

CVE-2024-55517

An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session...

8.8CVSS0.00501EPSS
Exploits0References1
CVE
CVE
added 2025/01/08 12:0 a.m.48 views

CVE-2024-55517

Summary (CVE-2024-55517) : Polaris FT Intellect Core Banking 9.5’s Interllect Core Search has a vulnerability where input passed via the groupType parameter in /SCGController is mishandled before being used in SQL queries, enabling SQL injection in an authenticated session. Affected component: In...

8.8CVSS7.8AI score0.00501EPSS
Exploits0References1
OSV
OSV
added 2024/12/20 7:15 a.m.4 views

CVE-2024-11297

The Page Restriction WordPress WP – Protect WP Pages/Post plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.6 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from pos...

7.5CVSS7.3AI score0.0059EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.7 views

PT-2024-16890 · WordPress · Simple Page Access Restriction

Name of the Vulnerable Software and Affected Versions: Simple Page Access Restriction plugin for WordPress versions up to 1.0.29 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as logged-in users, via the WordPres...

5.3CVSS9.4AI score0.00452EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.5 views

PT-2024-16889 · WordPress · Memberful

Name of the Vulnerable Software and Affected Versions: Memberful plugin for WordPress versions up to, and including, 1.73.9 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as site members, via the WordPress core...

5.3CVSS9.6AI score0.00452EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.7 views

PT-2024-16881 · WordPress · Ppwp – Password Protect Pages

Name of the Vulnerable Software and Affected Versions: PPWP – Password Protect Pages plugin for WordPress versions up to, and including, 1.9.5 Description: The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure via the WordPress core search feature...

5.3CVSS9.6AI score0.00402EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.5 views

PT-2024-16697 · WordPress · Members – Membership & User Role Editor Plugin

Name of the Vulnerable Software and Affected Versions: Members – Membership & User Role Editor Plugin versions up to, and including, 3.2.10 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via th...

5.3CVSS6.9AI score0.00359EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.8 views

PT-2024-16767 · WordPress · Simple Restrict

Name of the Vulnerable Software and Affected Versions: Simple Restrict plugin for WordPress versions up to, and including, 1.2.7 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via the WordPress...

5.3CVSS7.3AI score0.00367EPSS
Exploits0References6
OSV
OSV
added 2024/11/27 6:15 a.m.3 views

CVE-2024-11083

The ProfilePress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.18 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

5.3CVSS5.8AI score0.00399EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/27 12:0 a.m.3 views

PT-2024-16746 · WordPress · Profilepress

Name of the Vulnerable Software and Affected Versions: ProfilePress plugin for WordPress versions up to, and including, 4.15.18 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via the WordPress...

5.3CVSS7.3AI score0.00399EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/06/01 12:0 a.m.6 views

The vulnerability of the core_search class implementation in the virtual learning environment Moodle allows a intruder to gain unauthorized access to protected information.

The vulnerability of the coresearch class implementation in the virtual learning environment Moodle is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.7AI score0.01013EPSS
Exploits0References12Affected Software3
Positive Technologies
Positive Technologies
added 2022/04/21 12:0 a.m.11 views

PT-2022-2727 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A flaw was found in Moodle where global search results could include author information on some activities where a user may not otherwise have access to it. The vulnerability is related to...

9.8CVSS5.8AI score0.49102EPSS
Exploits2References54
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.5 views

The vulnerability of the `render_block_core_search` and `render_block_core_rss` functions in the WordPress content management system allows attackers to compromise the integrity of data.

The vulnerability of the renderblockcoresearch and renderblockcorerss functions in the WordPress content management system is related to deficiencies in the security measures used to protect web page structures. Exploiting this vulnerability could allow a malicious actor to compromise the integri...

5.4CVSS6.7AI score0.01437EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder