CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Veracode•added 2025/04/07 6:39 a.m.•10 views

Unauthorized Access

pixelfed/pixelfed is vulnerable to Unauthorized Access. The vulnerability is due to insufficient verification of follow requests, allowing unauthorized users to access private posts across Fediverse servers...

Exploits0References6Affected Software1

RedhatCVE•added 2025/03/27 12:18 a.m.•19 views

CVE-2025-30741

Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance...

4.3CVSS7.1AI score0.00179EPSS

Github Security Blog•added 2025/03/25 9:31 p.m.•11 views

Pixelfed may allow unauthorized actor to view private posts and private users

Exploits0References6Affected Software1

OSV•added 2025/03/25 9:31 p.m.•5 views

GHSA-7287-GRHX-542X Pixelfed may allow unauthorized actor to view private posts and private users

4.3CVSS4.5AI score0.00179EPSS

Exploits0References6

NVD•added 2025/03/25 9:15 p.m.•13 views

CVE-2025-30741

4.3CVSS0.00179EPSS

OSV•added 2025/03/25 9:15 p.m.•4 views

CVE-2025-30741

4.3CVSS4.5AI score

CVE•added 2025/03/25 12:0 a.m.•58 views

CVE-2025-30741

CVE-2025-30741 affects Pixelfed before 0.12.5, where insufficient verification of follow requests allows an unauthenticated actor to follow private accounts and view private posts on other Fediverse servers. This can expose private content to users who have followers from a Pixelfed instance. The...

CNNVD•added 2025/03/25 12:0 a.m.•1 views

Pixelfed 安全漏洞

Pixelfed is a free and ethical photo sharing platform from the individual developers of Pixelfed. A security vulnerability exists in versions of Pixelfed prior to 0.12.5 that stems from the fact that anyone can follow private accounts on other Fediverse servers and view private posts...

4.3CVSS6.4AI score0.00179EPSS

Exploits0References6

Cvelist•added 2025/03/25 12:0 a.m.•18 views

CVE-2025-30741

4.3CVSS0.00179EPSS

Vulnrichment•added 2025/03/25 12:0 a.m.•13 views

CVE-2025-30741

RedhatCVE•added 2025/02/05 12:5 p.m.•4 views

CVE-2024-52476

Unrestricted Upload of File with Dangerous Type vulnerability in Stefan Bohacek Fediverse Embeds fediverse-embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through = 1.5.3...

10CVSS7.2AI score0.00489EPSS

NVD•added 2024/12/02 2:15 p.m.•5 views

CVE-2024-52476

10CVSS0.00489EPSS

Vulnrichment•added 2024/12/02 1:48 p.m.•12 views

CVE-2024-52476 WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through 1.5.3...

10CVSS9.4AI score0.00489EPSS

CVE•added 2024/12/02 1:48 p.m.•46 views

CVE-2024-52476

CVE-2024-52476 describes an Unrestricted Upload of File with Dangerous Type in the WordPress plugin Fediverse Embeds (versions

10CVSS7.2AI score0.00489EPSS

Cvelist•added 2024/12/02 1:48 p.m.•18 views

CVE-2024-52476 WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability

10CVSS0.00489EPSS

Positive Technologies•added 2024/12/02 12:0 a.m.•2 views

PT-2024-35316 · Unknown · Fediverse Embeds

Name of the Vulnerable Software and Affected Versions: Fediverse Embeds versions n/a through 1.5.3 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to the compromise of the web server...

10CVSS9.5AI score0.00489EPSS

CNNVD•added 2024/12/02 12:0 a.m.•3 views

WordPress plugin Fediverse Embeds 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

10CVSS8.5AI score0.00489EPSS