Lucene search
K

4 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41426

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service importFromUrl and topic cover update fetchImageFromUrl...

8.3CVSS5.9AI score0.00235EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-59095

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service importFromUrl and topic cover update fetchImageFromUrl...

8.3CVSS5.9AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/11 7:16 a.m.8 views

CVE-2025-9539

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the automatorwpajaximportautomationfromurl function in all versions up to, and...

8CVSS5.9AI score0.00416EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.5 views

PT-2022-14230 · WordPress · Import Export All Wordpress Images

Name of the Vulnerable Software and Affected Versions: Import Export All WordPress Images, Users & Post Types WordPress plugin versions prior to 6.5.3 Description: The issue concerns the lack of full validation for files to be imported via URL, which could allow high-privilege users, such as...

7.2CVSS6.9AI score0.0126EPSS
Exploits2References4
Rows per page
Query Builder