Lucene search
K

7 matches found

Patchstack
Patchstack
added 2026/05/04 1:32 p.m.8 views

WordPress Loco Translate plugin <= 2.8.2 - Authenticated (Translator+) Path Traversal to Limited File Read vulnerability

Authenticated Translator+ Path Traversal to Limited File Read vulnerability discovered by shark3y in WordPress Plugin Loco Translate versions = 2.8.2...

4.9CVSS5.8AI score0.0064EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/18 5:41 a.m.3 views

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS5.6AI score0.00383EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/18 5:41 a.m.11 views

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS0.00383EPSS
Exploits0References3
CVE
CVE
added 2025/10/18 5:41 a.m.21 views

CVE-2025-11738

CVE-2025-11738 affects the WordPress Media Library Assistant plugin (versions up to 3.29). The vulnerability allows unauthenticated attackers to read arbitrary ai/eps/pdf/ps files on the server via mla-stream-image.php, exposing sensitive information. Wordfence’s vulnerability briefing confirms a...

5.3CVSS5.7AI score0.00383EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/26 12:0 a.m.2 views

Adobe ColdFusion Server-Side Request Forgery Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...

2.7CVSS6.6AI score0.00717EPSS
Exploits0References1
CVE
CVE
added 2025/08/18 4:43 p.m.20 views

CVE-2025-54234

CVE-2025-54234 affects Adobe ColdFusion: SSRF allows a high-privilege authenticated attacker to cause the application to fetch arbitrary URLs, potentially enabling a limited file system read. Affected versions include ColdFusion 2025.1, 2023.13, 2021.19 and earlier; exploitation requires no user ...

2.7CVSS7.2AI score0.00717EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.5 views

Adobe ColdFusion 代码问题漏洞

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...

2.7CVSS6.5AI score0.00717EPSS
Exploits0References2
Rows per page
Query Builder