Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.6 views

CVE-2025-13085

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolvevariables AJAX handler. This makes it possible for...

4.3CVSS5.2AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2025/11/19 7:15 a.m.4 views

CVE-2025-13085

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolvevariables AJAX handler. This makes it possible for...

4.3CVSS0.00212EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/19 6:45 a.m.4 views

CVE-2025-13085 SiteSEO – SEO Simplified <= 1.3.2 - Insecure Direct Object Reference to Sensitive Post Meta Disclosure

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolvevariables AJAX handler. This makes it possible for...

4.3CVSS4.8AI score0.00212EPSS
Exploits0References5
CNVD
CNVD
added 2023/05/17 12:0 a.m.19 views

Billing Management System SQL Injection Vulnerability

Billing Management System is a simple web application for managing customer billing for electricity supplier companies. A SQL injection vulnerability exists in Billing Management System v1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of...

8.8CVSS8.3AI score0.00824EPSS
Exploits1References1
Huntr
Huntr
added 2021/04/25 7:7 p.m.13 views

Cross-site Scripting (XSS) - Stored in bytefury/crater

✍️ Description Stored xss using customer billing address 🕵️‍♂️ Proof of Concept 1. First goto demo app https://demo.craterapp.com/admin/customers/create and create a customer . During creation put bellow xss payload in billing address field and save it . Now see xss is executed payload -- xss"'...

1.1AI score
Exploits0
ThreatPost
ThreatPost
added 2017/09/22 3:56 p.m.18 views

Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket

Organizations continue to leak data through publicly accessible Amazon S3 buckets, pointing a harsh finger at continued lax attitudes toward the custodianship of sensitive data. Verizon is the latest business affected by this epidemic, leaking in this case files marked confidential from an intern...

0.6AI score
Exploits0References2
securityvulns
securityvulns
added 2000/06/15 12:0 a.m.58 views

ACC/Ericsson Tigris Accounting Failure

The Tigris is a high-density router/remote-access platform, currently a product of Ericsson, more information on it can be found at: http://www.ericsson.com/datacom/products/wanaccess/tigris/index.shtml There appears to be a bug in the Tigris operating system software that causes Radius accountin...

1.5AI score
Exploits0
Rows per page
Query Builder