Lucene search
K

10515 matches found

WPVulnDB
WPVulnDB
added 2024/03/05 12:0 a.m.15 views

Total < 2.1.60 - Missing Authorization to Authenticated (Subscriber+) Sections Update

Description The Total theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the totalordersections function in all versions up to, and including, 2.1.59. This makes it possible for authenticated attackers, with subscriber-level access and abov...

5.3CVSS5.4AI score0.00406EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.4 views

WordPress Plugin SportsPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

5.3CVSS6.3AI score0.00431EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/03/04 12:0 a.m.7 views

Page Builder Sandwich <= 5.1.0 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Post Editing

Description The Page Builder Sandwich – Front End WordPress Page Builder Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'gambitbuildersavecontent' function in all versions up to, and including, 5.1.0. This makes it possible...

6.5CVSS6.5AI score0.00431EPSS
Exploits0References1
NVD
NVD
added 2024/02/29 1:43 a.m.25 views

CVE-2024-1389

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmsstripeconnecthandleauthorizationreturn function in all versions up to, and...

5.3CVSS5.1AI score0.00519EPSS
Exploits0References3
NVD
NVD
added 2024/02/29 1:43 a.m.25 views

CVE-2024-1322

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5.3CVSS5.1AI score0.00524EPSS
Exploits0References3
OSV
OSV
added 2024/02/29 1:43 a.m.6 views

CVE-2024-1218

The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capability check on several REST endpoints in all versions up to, and including, 2.3.41. This makes it possible fo...

5.4CVSS7.3AI score0.00308EPSS
Exploits0References2
NVD
NVD
added 2024/02/29 1:43 a.m.15 views

CVE-2024-1218

The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capability check on several REST endpoints in all versions up to, and including, 2.3.41. This makes it possible fo...

5.4CVSS4.3AI score0.00308EPSS
Exploits0References2
OSV
OSV
added 2024/02/29 1:43 a.m.3 views

CVE-2024-1089

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the optimizeAllOn function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS5.8AI score0.00428EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.27 views

Design/Logic Flaw

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'feedzywizardstepprocess' and 'importstatus' functions in all versions up to, and...

4CVSS6.8AI score0.00518EPSS
Exploits0References4
Prion
Prion
added 2024/02/29 1:43 a.m.23 views

Design/Logic Flaw

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the creatingpricingtablepage function in all versions up to, and including, 2.11.1. Thi...

4CVSS6.8AI score0.00538EPSS
Exploits0References3
Prion
Prion
added 2024/02/29 1:43 a.m.27 views

Design/Logic Flaw

The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capability check on several REST endpoints in all versions up to, and including, 2.3.41. This makes it possible fo...

4CVSS6.9AI score0.00308EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.24 views

Design/Logic Flaw

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...

5CVSS7.1AI score0.00409EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.22 views

Design/Logic Flaw

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

4CVSS6.7AI score0.00372EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.24 views

Design/Logic Flaw

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

4CVSS6.7AI score0.00372EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin ImageRecycle pdf & image compression plugin for WordPress security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00347EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin ImageRecycle pdf & image compression plugin for WordPress security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00372EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00428EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

WordPress Plugin RSS Aggregator by Feedzy Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS6.6AI score0.00518EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

WordPress Plugin Paid Membership Subscriptions Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00538EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00347EPSS
Exploits0References3
Rows per page
Query Builder