Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16044

Malicious code in bioql PyPI...

4.3CVSS7.4AI score0.00424EPSS
Exploits2References1
OSV
OSV
added 2024/02/12 4:15 p.m.5 views

CVE-2024-0248

The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was...

4.3CVSS5.9AI score0.00424EPSS
Exploits2References1
NVD
NVD
added 2024/02/12 4:15 p.m.24 views

CVE-2024-0248

The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was...

4.3CVSS7.4AI score0.00424EPSS
Exploits2References1
Prion
Prion
added 2024/02/12 4:15 p.m.25 views

Code injection

The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was...

7.2AI score0.00424EPSS
Exploits4References1
WPVulnDB
WPVulnDB
added 2024/01/16 12:0 a.m.23 views

EazyDocs < 2.4.0 - Subscriber+ Arbitrary Posts Deletion and Document Management

Description The plugin re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was partially fixed in 2.3.9...

7.4AI score0.00424EPSS
Exploits4Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/15 3:10 p.m.14 views

CVE-2023-6029 EazyDocs < 2.3.6 - Unauthenticated Arbitrary Posts Deletion and Document Management

The EazyDocs WordPress plugin before 2.3.6 does not have authorization and CSRF checks when handling documents and does not ensure that they are documents from the plugin, allowing unauthenticated users to delete arbitrary posts, as well as add and delete documents/sections...

6.9AI score0.00248EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/01/15 3:10 p.m.28 views

CVE-2023-6029 EazyDocs < 2.3.6 - Unauthenticated Arbitrary Posts Deletion and Document Management

The EazyDocs WordPress plugin before 2.3.6 does not have authorization and CSRF checks when handling documents and does not ensure that they are documents from the plugin, allowing unauthenticated users to delete arbitrary posts, as well as add and delete documents/sections...

7.8AI score0.00248EPSS
Exploits3References1
CVE
CVE
added 2024/01/15 3:10 p.m.51 views

CVE-2023-6029

The CVE concerns the EazyDocs WordPress plugin (before 2.3.6) where missing authorization and CSRF checks allow unauthenticated users to delete arbitrary posts and to add/delete documents/sections. Root cause: the plugin does not validate that target documents originate from the plugin, enabling ...

7.5CVSS7.5AI score0.00248EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder