Lucene search
K

10515 matches found

CVE
CVE
added 2024/02/27 11:5 a.m.122 views

CVE-2024-1652

The CVE CVE-2024-1652 affects the Categorify – WordPress Media Library Category & File Manager plugin (versions <= 1.0.7.4). The root cause is a missing capability/authorization check in categorifyAjaxClearCategory, allowing authenticated users with subscriber-level access and above to clear c...

4.3CVSS5.2AI score0.0034EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.3 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.16 views

Yuki < 1.3.14 - Missing Authorization to Authenticated (Subscriber+) Theme Setting Reset

Description The Yuki theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetcustomizeroptions function in all versions up to, and including, 1.3.13. This makes it possible for authenticated attackers, with subscriber-level access and...

4.3CVSS6.5AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.11 views

Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Subscriber+ Template Creation

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the templatesajaxrequest function, allowing subscribers and higher to create templates...

4.3CVSS4.8AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.23 views

Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan < 4.52 - Missing Authorization to Unauthenticated IP Address Whitelist

Description The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackeraddwhitelist function in all versions up to, and including, 4.51...

6.5CVSS6.7AI score0.00378EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.3 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.3 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.5 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00204EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.5 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.364 views

taskhub 2.8.7 - SQL Injection

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Date: 05/09/2023 Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth...

8CVSS7.9AI score0.00692EPSS
Exploits5
OSV
OSV
added 2024/02/23 7:15 a.m.3 views

CVE-2024-1779

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ztdcfcfchangestatus function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter t...

5.3CVSS5.8AI score0.00386EPSS
Exploits0References2
CVE
CVE
added 2024/02/23 6:48 a.m.78 views

CVE-2024-1779

CVE-2024-1779 affects the WordPress plugin “Admin side data storage for Contact Form 7.” The vulnerability stems from a missing capability check in the zt_dcfcf_change_status() function, allowing unauthenticated attackers to modify the read-status of messages. All versions up to and including 1.1...

5.3CVSS6AI score0.00386EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/21 4:9 p.m.16 views

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

5.1CVSS6.5AI score0.00142EPSS
Exploits0References1
Prion
Prion
added 2024/02/21 4:15 a.m.12 views

Design/Logic Flaw

The WooCommerce Google Sheet Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the executepostdata function in all versions up to, and including, 1.3.11. This makes it possible for unauthenticated attackers to update plugin...

5CVSS7AI score0.00431EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/21 3:36 a.m.21 views

CVE-2024-1562 WooCommerce Google Sheet Connector <= 1.3.11 - Missing Authorization

The WooCommerce Google Sheet Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the executepostdata function in all versions up to, and including, 1.3.11. This makes it possible for unauthenticated attackers to update plugin...

5.3CVSS5.3AI score0.00431EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.4 views

WordPress Plugin WooCommerce Google Sheet Connector Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS8.6AI score0.00431EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.13 views

CVE-2024-1090

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS4.3AI score0.00347EPSS
Exploits0References2
Rows per page
Query Builder