Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.7 views

CVE-2023-25697

Cross-Site Request Forgery CSRF vulnerability in GamiPress.This issue affects GamiPress: from n/a through 2.5.6...

6.3CVSS7AI score0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17246

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00288EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/08 1:18 p.m.5 views

CVE-2025-49326

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ruben Garcia GamiPress gamipress allows SQL Injection.This issue affects GamiPress: from n/a through = 7.4.5...

7.6CVSS5.9AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.42 views

CVE-2025-49326

CVE-2025-49326 refers to a SQL Injection vulnerability in the WordPress plugin GamiPress . The connected Red Hat entry confirms the root cause as "improper neutralization of special elements used in an SQL Command" and notes the issue affects GamiPress versions up to 7.4.5. Wordfence’s vulnerabil...

7.6CVSS5.9AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:5 a.m.10 views

CVE-2024-30455

Cross-Site Request Forgery CSRF vulnerability in GamiPress.This issue affects GamiPress: from n/a through 6.8.5...

4.3CVSS8.6AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:28 a.m.6 views

CVE-2023-25715

Missing Authorization vulnerability in GamiPress GamiPress – The 1 gamification plugin to reward points, achievements, badges & ranks in WordPress.This issue affects GamiPress – The 1 gamification plugin to reward points, achievements, badges & ranks in WordPress: from n/a through 2.5.6...

6.5CVSS7.1AI score0.00506EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.6 views

PT-2025-21516 · WordPress · Gamipress

Name of the Vulnerable Software and Affected Versions: GamiPress versions prior to 1.0.1 Description: The issue concerns the lack of CSRF check when updating settings, which could allow attackers to make a logged-in administrator change them via a CSRF attack. This could potentially permit...

4.3CVSS4.5AI score0.00159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.8 views

CVE-2025-47508 WordPress GamiPress <= 7.3.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ruben Garcia GamiPress allows PHP Local File Inclusion. This issue affects GamiPress: from n/a through 7.3.7...

7.5CVSS7.7AI score0.0061EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.56 views

CVE-2025-47508

The CVE refers to CVE-2025-47508 affecting WordPress GamiPress plugin versions up to 7.3.7. It is an improper control of filenames for include/require statements (PHP Local File Inclusion that can escalate to PHP Local File Inclusion). Affected product: GamiPress plugin for WordPress (

7.5CVSS7.2AI score0.0061EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.9 views

PT-2025-20132 · Gamipress · Gamipress

Name of the Vulnerable Software and Affected Versions: GamiPress versions n/a through 7.3.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...

7.5CVSS7.9AI score0.0061EPSS
Exploits0References3
NVD
NVD
added 2025/01/22 11:15 a.m.13 views

CVE-2024-13499

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...

7.3CVSS0.00581EPSS
Exploits0References5
CVE
CVE
added 2025/01/22 11:7 a.m.78 views

CVE-2024-13496

The CVE-2024-13496 entry affects the GamiPress – Gamification WordPress plugin. It describes a time-based SQL Injection via the orderby parameter in all versions up to 7.3.1 due to insufficient escaping and query preparation, enabling unauthenticated attackers to append SQL and potentially read s...

7.5CVSS7.9AI score0.02168EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/01/22 11:7 a.m.27 views

CVE-2024-13496 GamiPress <= 7.3.1 - Unauthenticated SQL Injection via orderby Parameter

The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and la...

7.5CVSS0.02168EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/22 11:7 a.m.10 views

CVE-2024-13495 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_ajax_get_logs Function

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...

7.3CVSS7.4AI score0.00549EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/22 11:7 a.m.10 views

CVE-2024-13499 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...

7.3CVSS7.5AI score0.00581EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/22 11:7 a.m.35 views

CVE-2024-13495 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_ajax_get_logs Function

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...

7.3CVSS0.00549EPSS
Exploits0References4
Rows per page
Query Builder