CVE-2022-0313 Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF
The Float menu WordPress plugin before 4.3.1 does not have a CSRF check in place when deleting a menu, which could allow attackers to make a logged-in admin delete them via a CSRF attack...
WordPress Cross-Site Request Forgery Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin Float menu, which stems fr...
PHP Resource Management Error Vulnerability
PHP is a scripting language that executes on the server side. A resource management error vulnerability exists in PHP that stems from a UAF in php_filter_float that results in an integer failure...
Rockwell Automation Micrologix Improper Access Control (CVE-2017-14470)
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF
The plugin does not have a CSRF check in place when deleting a menu, which could allow attackers to make a logged-in admin delete them via a CSRF attack https://example.com/wp-admin/admin.php?page=float-menu&info=delete&did=1...
Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF
The plugin does not have a CSRF check in place when deleting a menu, which could allow attackers to make a logged-in admin delete them via a CSRF attack. PoC: https://example.com/wp-admin/admin.php?page=float-menu&info=delete&did=1...
WordPress Float menu plugin <= 4.3 - Arbitrary Menu Deletion via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Menu Deletion via Cross-Site Request Forgery (CSRF) vulnerability discovered by Krzysztof Zając in WordPress Float menu plugin versions <= 4.3. Solution: Update the WordPress Float menu plugin to the latest available version (at least 4.3.1)...
UBUNTU-CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with the FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result in crashes, and potentially in...
adi (>=0.4.0 <=0.6.0), adi_screen (>=0.3.0 <=0.7.0) +167 more potentially affected by CVE-2020-35923 via ordered-float (>=0.2.3 <=1.0.2)
ordered-float CARGO version =0.2.3, =0.4.0, =0.3.0, =0.7.5, =0.6.0, =0.1.0, =0.1.0, =0.1.1, =0.2.0, =3.1.3, =0.1.1, =0.9.0, =0.23.0 and more Source cves: CVE-2020-35923 Source advisory: OSV:GHSA-566X-HHRF-QF8M...
CVE-2020-18774
A floating point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DoS) via a crafted tif file...
Code injection
A floating point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DoS) via a crafted tif file...
PYSEC-2021-884
A floating point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DoS) via a crafted tif file...
2 variables not indexed by marketIndex
Handle: gpersoon. Vulnerability details. Impact: In the token contract: batchedstakerNextTokenShiftIndex is indexed by marketIndex, so it can have separate or the same values for each different marketIndex. stakerTokenShiftIndextolongShortMarketPriceSnapshotIndexmapping and...
[SECURITY] [DLA 2714-1] linux-4.19 security update
Debian LTS Advisory DLA-2714-1 https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package: linux-4.19 Version: 4.19.194-3deb9u1 CVE ID: CVE-2020-36311 CVE-2021-3609 CVE-2021-33909 CVE-2021-34693 Debian Bug: 990072 Several...
UBUNTU-CVE-2020-22046
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c...
Heap buffer overflow caused by rounding
Impact: An attacker can trigger a heap buffer overflow in tf.raw_ops.QuantizedResizeBilinear by manipulating input values so that float rounding results in an off-by-one error in accessing image elements: python import tensorflow as tf l = 256, 328, 361, 17, 361, 361, 361, 361, 361, 361, 361, 361, 361...