6 matches found
EUVD-2024-37571
Malicious code in bioql PyPI...
CVE-2024-38720
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EazyDocs eazydocs allows Stored XSS.This issue affects EazyDocs: from n/a through 2.5.0...
CVE-2024-38721
Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through 2.5.0...
CVE-2023-47648
Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through = 2.3.5...
CVE-2024-54376 WordPress EazyDocs plugin <= 2.5.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Spider-themes EazyDocs.This issue affects EazyDocs: from n/a through 2.5.5...
CVE-2024-0248 EazyDocs < 2.4.0 - Subscriber+ Arbitrary Posts Deletion and Document Management
The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/ in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was...