Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.219 views

WordPress Extensive VC Addons for WPBakery Page Builder 1.9.0 Code Execution

WordPress Extensive VC Addons for WPBakery Page Builder version 1.9.0 suffers from a remote execution vulnerability. Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested...

7.5CVSS7.6AI score0.55736EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.312 views

Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)

Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...

7.5CVSS7AI score0.55736EPSS
Exploits3
Circl
Circl
added 2023/09/11 11:49 a.m.11 views

CVE-2023-0159

creationtimestamp| type| source ---|---|--- 2023-09-11 11:49:08+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5117 2025-03-20 21:02:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lktltkjv732e 2025-07-31 15:00:06+00:00| seen|...

7.5CVSS7.1AI score0.55736EPSS
In wildExploits3References6
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.36 views

CVE-2023-0159 Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE

The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may ...

7.8AI score0.55736EPSS
Exploits3References1
CVE
CVE
added 2023/02/13 2:32 p.m.94 views

CVE-2023-0159

The CVE-2023-0159 entry affects the WordPress plugin Extensive VC Addons for WPBakery page builder (versions prior to 1.9.1). The vulnerability arises from not validating a parameter passed to PHP’s extract function when loading templates, permitting an unauthenticated attacker to override the te...

7.5CVSS7.6AI score0.55736EPSS
In wildExploits3References1Affected Software1
Rows per page
Query Builder