Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-34028

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00331EPSS
Exploits1References2
Prion
Prion
added 2023/05/31 3:15 a.m.24 views

Cross site request forgery (csrf)

The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated attackers to create a ne...

6.8CVSS8.4AI score0.00714EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/31 2:40 a.m.13 views

CVE-2023-2545

The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticated attackers, with subscriber-level...

8.1CVSS8.4AI score0.00714EPSS
Exploits1References2
CVE
CVE
added 2023/05/31 2:40 a.m.57 views

CVE-2023-2545

CVE-2023-2545 : The Feather Login Page plugin for WordPress (versions 1.0.7–1.1.1) has two concrete flaws. First, a missing capability check on the getListOfUsers function allows authenticated users with subscriber-level permissions and above to access login links, enabling potential privilege es...

8.8CVSS8.2AI score0.00714EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2023/05/31 12:0 a.m.19 views

WordPress Feather Login Page Plugin 1.0.7-1.1.1 is vulnerable to Broken Access Control

Software Feather Login Page Type Plugin Vulnerable versions 1.0.7-1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2545 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 109ff0ae5394 Credits Lana Codes Required...

8.8CVSS6.8AI score0.00714EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder