CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Patchstack•added 2025/07/18 4:7 a.m.•4 views

WordPress aapanel WP Toolkit plugin 1.0 - 1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via auto_login() Function vulnerability

WordPress aapanel WP Toolkit plugin 1.0 - 1.1 - Missing Authorization to Authenticated Subscriber+ Privilege Escalation via autologin Function vulnerability discovered by kr0d in WordPress Plugin aapanel WP Toolkit versions 1.0 - 1.1...

8.8CVSS6.8AI score0.00241EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/06/11 1:40 a.m.•9 views

WordPress CubeWP Framework plugin <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin CubeWP versions = 1.1.23...

8.8CVSS6.7AI score0.00241EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/05/30 9:32 p.m.•6 views

WordPress Offsprout Page Builder plugin 2.2.1-2.15.2 - Authenticated (Contributor+) Privilege Escalation via permission_callback Function

Authenticated Contributor+ Privilege Escalation via permissioncallback Function vulnerability discovered by kr0d in WordPress Plugin Offsprout Page Builder versions 2.2.1-2.15.2...

8.8CVSS6.5AI score0.00331EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/05/19 2:25 a.m.•4 views

WordPress Sensei LMS plugin < 4.20.0 - Teacher+ Users Email Address Disclosure vulnerability

Teacher+ Users Email Address Disclosure vulnerability discovered by Li Xuhang in WordPress Plugin Sensei LMS versions 4.20.0...

4.3CVSS6.8AI score0.00179EPSS

Exploits1References1Affected Software1

Patchstack•added 2025/05/19 12:36 a.m.•3 views

WordPress WP ERP plugin < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information vulnerability

Custom+ Unauthorized Access to Terminated Employee Information vulnerability discovered by Pedro Cuco Illex in WordPress Plugin WP ERP versions 1.13.4...

7.5CVSS6.7AI score0.00306EPSS

Exploits1References1Affected Software1

Patchstack•added 2025/05/06 8:43 p.m.•3 views

WordPress PeproDev Ultimate Profile Solutions 1.9.1-7.5.2 plugin - Authentication Bypass to Account Takeover

Authentication Bypass to Account Takeover vulnerability discovered by kr0d in WordPress Plugin PeproDev Ultimate Profile Solutions versions 1.9.1-7.5.2...

9.8CVSS8.2AI score0.00848EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/04/30 8:6 p.m.•7 views

WordPress Page View Count plugin 2.8.0-2.8.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

Missing Authorization to Authenticated Subscriber+ Limited Options Update vulnerability discovered by kr0d in WordPress Plugin Page View Count versions 2.8.0-2.8.4...

8.1CVSS8.6AI score0.00227EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/04/17 5:22 p.m.•5 views

WordPress Avatar plugin <= 0.1.4 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by theviper17y in WordPress Plugin Avatar versions = 0.1.4...

8.1CVSS8.4AI score0.05138EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/04/09 10:10 p.m.•4 views

WordPress Embedder plugin 1.3-1.3.5 - Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by kr0d in WordPress Plugin Embedder versions 1.3-1.3.5...

8.8CVSS8.3AI score0.0034EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by