Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.38 views

CVE-2025-1326

The Homey theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the homeyreservationdel function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete...

4.3CVSS6.6AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-13293

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.002EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-13300

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.6 views

PT-2025-18756 · WordPress · Homey

Name of the Vulnerable Software and Affected Versions: Homey theme for WordPress versions up to, and including, 2.4.4 Description: The issue allows authenticated attackers with Subscriber-level access and above to delete other users' accounts due to missing validation on a user-controlled key in...

4.3CVSS5.4AI score0.002EPSS
Exploits0References7
NVD
NVD
added 2025/03/07 2:15 a.m.10 views

CVE-2025-0748

The Homey theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.3. This is due to missing or incorrect nonce validation on the 'homeyverifyusermanually' function. This makes it possible for unauthenticated attackers to update verify an user via a...

4.3CVSS0.00157EPSS
Exploits0References2
Rows per page
Query Builder