Lucene search
+L

61 matches found

patchstack
patchstack
added 2026/02/20 4:43 p.m.13 views

WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Teemu Saarentaus in WordPress Plugin Woocommerce Wholesale Lead Capture versions = 2.0.3.1...

5.4AI score0.0047EPSS
Exploits2Affected Software1
vulncheck_kev
vulncheck_kev
added 2026/02/20 12:0 a.m.7 views

VulnCheck KEV: CVE-2026-27542

Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Privilege Escalation.This issue affects Woocommerce Wholesale Lead Capture: from n/a through 2.0.3.1...

9.8CVSS5.8AI score0.0054EPSS
In wildExploits1References4
vulncheck_kev
vulncheck_kev
added 2026/02/20 12:0 a.m.6 views

VulnCheck KEV: CVE-2026-27540

Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Using Malicious Files.This issue affects Woocommerce Wholesale Lead Capture: from n/a through 2.0.3.1...

9CVSS5.8AI score0.0047EPSS
In wildExploits2References4
attackerkb
attackerkb
added 2026/01/22 4:51 p.m.2 views

CVE-2025-49050

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...

8.8CVSS5.6AI score0.0037EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/01/22 12:0 a.m.14 views

WordPress plugin wp-lead-capture has a SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.5CVSS5.9AI score0.0037EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-0955

Malware in sbrugna...

4.3CVSS6.4AI score0.01628EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-4830

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00184EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-24743

Malicious code in bioql PyPI...

7.5CVSS4.6AI score0.00371EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13776

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/09 3:24 p.m.5 views

CVE-2025-47596

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.8...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
nvd
nvd
added 2025/05/07 3:16 p.m.4 views

CVE-2025-47596

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.8...

4.3CVSS0.0014EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/05/07 2:20 p.m.4 views

CVE-2025-47596 WordPress Beacon Lead Magnets and Lead Capture plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.8...

4.3CVSS8.5AI score0.0014EPSS
Exploits0References1
cve
cve
added 2025/05/07 2:20 p.m.37 views

CVE-2025-47596

Summary: CVE-2025-47596 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Beacon Lead Magnets and Lead Capture, affecting versions up to 1.5.8. The issue allows CSRF, meaning an attacker could trick an authenticated user into performing unintended actions on a vu...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
cvelist
cvelist
added 2025/05/07 2:20 p.m.15 views

CVE-2025-47596 WordPress Beacon Lead Magnets and Lead Capture plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.8...

4.3CVSS0.0014EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/05/07 12:0 a.m.4 views

WordPress plugin Beacon Lead Magnets and Lead Capture 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

4.3CVSS5.8AI score0.0014EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/04/25 4:34 p.m.8 views

CVE-2025-24637

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Reflected XSS.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.7...

7.1CVSS5.9AI score0.00257EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/17 3:48 p.m.24 views

CVE-2025-24637 WordPress Beacon Lead Magnets and Lead Capture Plugin <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Reflected XSS.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.7...

7.1CVSS0.00257EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/04/17 12:0 a.m.6 views

WordPress plugin Beacon Lead Magnets and Lead Capture 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

7.1CVSS5.9AI score0.00257EPSS
Exploits0References1
osv
osv
added 2025/02/18 5:15 a.m.4 views

CVE-2025-0796

The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.10. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...

4.3CVSS7.2AI score0.00184EPSS
Exploits0References2
nvd
nvd
added 2025/02/18 5:15 a.m.19 views

CVE-2025-0796

The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...

4.3CVSS0.00184EPSS
Exploits0References3
Rows per page
Query Builder