Lucene search
+L

4 matches found

NVD
NVD
added 2025/03/14 6:15 a.m.10 views

CVE-2025-0952

The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmastershideadminnotice' AJAX action in all versions up to, and including, 2.0.4. This mak...

8.1CVSS0.00303EPSS
Exploits0References2
Circl
Circl
added 2025/03/14 5:46 a.m.7 views

CVE-2025-0952

creationtimestamp| type| source ---|---|--- 2025-03-14 05:46:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7533 2025-03-14 06:41:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkcyxjwog32s 2025-03-14 07:48:37+00:00| seen|...

8.1CVSS8.7AI score0.00303EPSS
Exploits0References4
CVE
CVE
added 2025/03/14 5:24 a.m.51 views

CVE-2025-0952

CVE-2025-0952 affects the Eco Nature - Environment & Ecology WordPress Theme. A missing capability check on the cmsmasters_hide_admin_notice AJAX action in all versions up to 2.0.4 allows authenticated users with Subscriber+ access to modify options (e.g., setting hide) and potentially cause a de...

8.1CVSS7.7AI score0.00303EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/14 5:24 a.m.12 views

CVE-2025-0952 Eco Nature - Environment & Ecology WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmastershideadminnotice' AJAX action in all versions up to, and including, 2.0.4. This mak...

8.1CVSS0.00303EPSS
Exploits0References2
Rows per page
Query Builder