CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in FULL SERVICES FULL Customer full-customer allows PHP Local File Inclusion.This issue affects FULL Customer: from n/a through = 3.1.26...

7.5CVSS5.8AI score0.00501EPSS

Exploits0References1

NVD•added 2025/02/22 4:15 p.m.•6 views

CVE-2025-26757

7.5CVSS0.00501EPSS

Exploits0References1

Vulnrichment•added 2025/02/22 3:52 p.m.•9 views

CVE-2025-26757 WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability

7.5CVSS5.3AI score0.00501EPSS

Exploits0References1

CVE•added 2025/02/22 3:52 p.m.•51 views

CVE-2025-26757

CVE-2025-26757 concerns the WordPress plugin FULL Customer (FULL) – Cliente plugin

7.5CVSS5.8AI score0.00501EPSS

Exploits0References1

CNNVD•added 2025/02/22 12:0 a.m.•1 views

WordPress plugin FULL Customer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.8AI score0.00501EPSS

Exploits0References2

Patchstack•added 2025/02/14 2:38 p.m.•2 views

WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin FULL Customer versions = 3.1.26...

7.5CVSS7AI score0.00501EPSS

Exploits0Affected Software1

NVD•added 2024/12/13 3:15 p.m.•9 views

CVE-2024-54313

Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25...

6.5CVSS0.01045EPSS

Exploits0References1

CVE•added 2024/12/13 2:25 p.m.•38 views

CVE-2024-54313

CVE-2024-54313 is a path traversal/LFI vulnerability in the FULL – Cliente WordPress plugin. The vulnerability affects versions up to and including 3.1.25 and is reported as an authenticated issue (requires at least Contributor+ privileges). The root cause is local file inclusion via improper pat...

6.5CVSS8.6AI score0.01045EPSS

Exploits0References1

Vulnrichment•added 2024/12/13 2:25 p.m.•7 views

CVE-2024-54313 WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability

Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25...

6.5CVSS6.9AI score0.01045EPSS

Exploits0References1

CNNVD•added 2024/12/13 12:0 a.m.•1 views

WordPress plugin FULL Customer 安全漏洞

6.5CVSS8.5AI score0.01045EPSS

Exploits0References1

Positive Technologies•added 2024/12/13 12:0 a.m.•2 views

PT-2024-36195 · Full · Full

Name of the Vulnerable Software and Affected Versions: FULL Customer versions 3.1.25 and earlier Description: The issue is related to a Path Traversal vulnerability. This allows for unauthorized access to files and directories. The estimated number of potentially affected devices is not specified...

6.5CVSS6.9AI score0.01045EPSS

Exploits0References3

Patchstack•added 2024/12/11 8:21 p.m.•2 views

WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin FULL Customer versions = 3.1.25...

6.5CVSS7AI score0.01045EPSS

Exploits0Affected Software1

Patchstack•added 2024/10/10 8:21 p.m.•2 views

WordPress FULL Cliente plugin <= 3.1.22 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin FULL Customer versions = 3.1.22...

6.1CVSS6.3AI score0.01902EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/07/10 12:0 a.m.•3 views

WordPress FULL Customer Plugin <= 3.1.12 is vulnerable to Cross Site Scripting (XSS)

Software FULL Customer Type Plugin Vulnerable versions = 3.1.12 Fixed in 3.1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6447 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d63d6fb916ff Credits stealthcopter...

7.2CVSS5.7AI score0.01659EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2023/08/08 12:0 a.m.•2 views

PT-2023-28336 · WordPress · Full - Customer

Name of the Vulnerable Software and Affected Versions: The FULL - Customer plugin for WordPress versions up to, and including, 2.2.3 Description: The issue allows authenticated attackers with subscriber-level permissions and above to execute code by installing plugins from arbitrary remote...

8.8CVSS8.9AI score0.00959EPSS

Exploits0References9

Positive Technologies•added 2023/08/08 12:0 a.m.•3 views

PT-2023-28332 · WordPress · Full - Customer

Name of the Vulnerable Software and Affected Versions: The FULL - Customer plugin for WordPress versions up to, and including, 2.2.3 Description: The issue allows authenticated attackers with subscriber-level permissions and above to obtain sensitive information about the site configuration as...

4.3CVSS5.2AI score0.00125EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by