Lucene search
K

4 matches found

Circl
Circl
added 2025/08/02 11:0 p.m.23 views

CVE-2025-4606

creationtimestamp| type| source ---|---|--- 2025-08-02 23:00:09+00:00| published-proof-of-concept| Telegram/q5mn87rSG6gtI0smEdxx6J-G64nS0ki-dVcfLGdhRjHxuoE 2025-08-03 03:00:05+00:00| published-proof-of-concept| Telegram/I2SzHYS-2X5tGNiLKp66oCYJvjCLqCM5NMA3TgqWPuEsY 2025-08-05 21:02:24+00:00| seen...

9.8CVSS4.8AI score0.00561EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/09 3:22 a.m.13 views

CVE-2025-4606 Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover

The Sala - Startup & SaaS WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.4. This is due to the theme not properly validating a user's identity prior to updating their details like password. This makes it...

9.8CVSS0.00561EPSS
Exploits1References2
CVE
CVE
added 2025/07/09 3:22 a.m.54 views

CVE-2025-4606

The CVE-2025-4606 entry concerns the Sala - Startup & SaaS WordPress Theme and its vulnerability to unauthenticated privilege escalation. Affected versions are all up to 1.1.4, where the theme fails to properly validate a user’s identity before updating details such as passwords. This allows an u...

9.8CVSS7.1AI score0.00561EPSS
In wildExploits1References2
Patchstack
Patchstack
added 2025/07/08 12:0 a.m.9 views

WordPress Sala Theme <= 1.1.4 is vulnerable to Privilege Escalation

Software Sala Type Theme Vulnerable versions = 1.1.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-4606 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID e358e6b6574a Credits Thái An Required...

9.8CVSS6.5AI score0.00561EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder