Lucene search
+L

53 matches found

Patchstack
Patchstack
added 2025/03/25 12:37 a.m.4 views

WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin 4.11.13-5.25.08 - CSRF to RCE vulnerability

CSRF to RCE vulnerability discovered by luckybuddy in WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup versions 4.11.13-5.25.08...

8.8CVSS7.6AI score0.00343EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.6 views

WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.9AI score0.00343EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/02/27 2:31 p.m.5 views

CVE-2025-26887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...

6.5CVSS7.3AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2025/02/25 3:15 p.m.4 views

CVE-2025-26887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...

6.5CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/25 2:17 p.m.14 views

CVE-2025-26887 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...

6.5CVSS0.00236EPSS
Exploits0References1
CVE
CVE
added 2025/02/25 2:17 p.m.64 views

CVE-2025-26887

CVE-2025-26887 is a Stored XSS in EZ SQL Reports Shortcode Widget and DB Backup for WordPress. Affected: EZ SQL Reports Shortcode Widget and DB Backup (vulnerable range up to 5.21.35). Root cause per description: Improper Neutralization of Input During Web Page Generation (XSS). Impact details in...

6.5CVSS7.3AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.2 views

WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS8.6AI score0.00236EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/02/22 4:11 p.m.4 views

WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup versions = 5.21.35...

6.5CVSS6.7AI score0.00236EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/03/28 6:15 p.m.26 views

CVE-2022-0833

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...

4.3CVSS0.00487EPSS
Exploits2References1
CVE
CVE
added 2018/10/05 5:0 a.m.49 views

CVE-2014-10076

CVE-2014-10076 affects the WordPress plugin WP-DB-Backup (v2.2.4). The vulnerability arises because access control relies on a five-character string, enabling remote attackers to read backup archives via brute-force. Documents consistently describe this as a credential/authorization weakness allo...

7.5CVSS7.3AI score0.02444EPSS
Exploits1References1Affected Software1
Openbugbounty
Openbugbounty
added 2018/09/12 7:35 p.m.9 views

studio.dopetv.ng Improper Access Control vulnerability

Open Bug Bounty ID: OBB-675904 Description| Value ---|--- Affected Website:| studio.dopetv.ng Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

Exploits0
Dsquare
Dsquare
added 2017/10/15 12:0 a.m.175 views

WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection

SQL Injection vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

0.6AI score
Exploits0
Dsquare
Dsquare
added 2017/10/15 12:0 a.m.249 views

WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE

Remote command execution vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

0.7AI score
Exploits0
CVE
CVE
added 2017/09/12 10:0 p.m.49 views

CVE-2015-9230

The CVE-2015-9230 entry relates to the BulletProof Security WordPress plugin. Affected component: admin/db-backup-security/db-backup-security.php. Root cause: cross-site scripting (XSS) vulnerability via the DBTablePrefix parameter in plugin versions prior to 0.52.5, exploitable by remote authent...

4.8CVSS4.7AI score0.01576EPSS
Exploits1References7Affected Software1
seebug.org
seebug.org
added 2016/05/30 12:0 a.m.18 views

WordPress DB Backup Plugin 任意文件下载

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/10/02 12:0 a.m.28 views

WordPress DB-Backup Plugin 4.5 /download.php 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2014/12/31 10:59 p.m.22 views

CVE-2014-9119

Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

5CVSS6.6AI score0.16117EPSS
Exploits1References3
Prion
Prion
added 2014/12/31 10:59 p.m.11 views

Directory traversal

Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

5CVSS7.2AI score0.16117EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2014/12/31 10:0 p.m.77 views

CVE-2014-9119

CVE-2014-9119 affects WordPress DB Backup Plugin (version 4.5 and earlier). A local file inclusion / directory traversal flaw exists in download.php, permitting an attacker to read arbitrary server files by manipulating the file parameter (e.g., via path traversal). The NUCLEI template and relate...

5CVSS9.1AI score0.16117EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2014/12/31 10:0 p.m.24 views

CVE-2014-9119

Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

9.3AI score0.16117EPSS
Exploits1References3
Rows per page
Query Builder