Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.11 views

PT-2024-2953

Name of the Vulnerable Software and Affected Versions WordPress versions prior to 6.4.3 WordPress versions 6.3.3, 6.2.4, 6.1.5, 6.0.7, 5.9.9, 5.8.9, 5.7.11, 5.6.13, 5.5.14, 5.4.15, 5.3.17, 5.2.20, 5.1.18, 5.0.21, 4.9.25, 2.8.24, 4.7.28, 4.6.28, 4.5.31, 4.4.32, 4.3.33, 4.2.37, and 4.1.40 Descripti...

8.8CVSS6.7AI score0.79527EPSS
Exploits13References37
Cvelist
Cvelist
added 2024/01/16 3:50 p.m.32 views

CVE-2022-1538 Theme-Demo-Importer < 1.1.1 - Admin+ Arbitrary File Upload

Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP even when FILEMODS and FILEEDIT are disallowed...

7.2AI score0.012EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/04/04 4:15 p.m.8 views

CVE-2022-0537

The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOWFILEEDIT and DISALLOWFILEMODS settings and upload arbitrary files to the site through the "ajaxsave" function. The file is written relative to the current 's stylesheet directory, and a .php...

7.2CVSS7AI score0.01484EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/04/04 12:0 a.m.33 views

WordPress plugin MapPress Maps代码问题漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress MapPress Maps plugin has an authorization problem vulnerability that stems from a lack of authentication measures or...

7.2CVSS5.8AI score0.01484EPSS
Exploits2References2
Rows per page
Query Builder