Lucene search
+L

4 matches found

NVD
NVD
added 2025/05/07 3:15 a.m.26 views

CVE-2025-2821

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getrestpermission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding...

5.3CVSS0.00301EPSS
Exploits0References3
Circl
Circl
added 2025/05/07 2:21 a.m.32 views

CVE-2025-2821

creationtimestamp| type| source ---|---|--- 2025-05-07 02:21:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15248 2025-05-07 04:26:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lokkl454wm2h 2025-05-07 07:12:52+00:00| seen| https://t.me/cvedetector/24670...

5.3CVSS8.7AI score0.00301EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/07 1:43 a.m.8 views

CVE-2025-2821 Search Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getrestpermission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding...

5.3CVSS5.1AI score0.00301EPSS
Exploits0References3
CVE
CVE
added 2025/05/07 1:43 a.m.80 views

CVE-2025-2821

CVE-2025-2821 affects the WordPress Search Exclude plugin (versions up to and including 2.4.9). The root cause is a missing capability check in the get_rest_permission function, enabling unauthorized modification of plugin settings and exclusion of content from search results by unauthenticated a...

5.3CVSS5.2AI score0.00301EPSS
Exploits0References3
Rows per page
Query Builder