19 matches found

Tenable Nessus
added 2026/03/24 12:0 a.m. | 1 views

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2026:0955-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0955-1 advisory. Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose...

CVSS 7.5 | AI score 5.9 | EPSS 0.00077
Exploits: 1 | References: 7

RedhatCVE
added 2025/11/09 3:57 a.m. | 2 views

CVE-2025-12167

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_aweber_logreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...

CVSS 4.3 | AI score 5.1 | EPSS 0.00036
Exploits: 0 | References: 1

CVE
added 2025/11/08 3:27 a.m. | 7 views

CVE-2025-12167

CVE-2025-12167 affects the WordPress plugin “Contact Form 7 AWeber Extension” (versions through 0.1.42). The root cause is a missing capability check on the AJAX endpoint named wp_ajax_aweber_logreset, allowing authenticated users with Subscriber-level access and above to modify data by resetting...

CVSS 4.3 | AI score 4.7 | EPSS 0.00036
Exploits: 0 | References: 2

Vulnrichment
added 2025/11/08 3:27 a.m. | 1 views

CVE-2025-12167 Contact Form 7 AWeber Extension <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_aweber_logreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...

CVSS 4.3 | AI score 4.6 | EPSS 0.00036
Exploits: 0 | References: 2

Cvelist
added 2025/11/08 3:27 a.m. | 2 views

CVE-2025-12167 Contact Form 7 AWeber Extension <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_aweber_logreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...

CVSS 4.3 | EPSS 0.00036
Exploits: 0 | References: 2

RedhatCVE
added 2025/10/16 1:41 a.m. | 3 views

CVE-2011-10033

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 8.2 | EPSS 0.00152
Exploits: 0 | References: 1

NVD
added 2025/10/15 2:15 a.m. | 4 views

CVE-2011-10033

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | EPSS 0.00152
Exploits: 0 | References: 5

Cvelist
added 2025/10/15 1:23 a.m. | 7 views

CVE-2011-10033 WordPress Plugin is-human <= v1.4.2 Eval Injection RCE

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | EPSS 0.00152
Exploits: 0 | References: 5

EUVD
added 2025/10/15 1:23 a.m. | 3 views

EUVD-2011-5263

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 7.7 | EPSS 0.00152
Exploits: 0 | References: 6

ATTACKERKB
added 2025/10/15 1:23 a.m. | 1 views

CVE-2011-10033

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 6.2 | EPSS 0.00152
Exploits: 0 | References: 5

CVE
added 2025/10/15 1:23 a.m. | 7 views

CVE-2011-10033

The CVE-2011-10033 entry concerns WordPress plugin is-human

CVSS 9.3 | AI score 7.8 | EPSS 0.00152
Exploits: 0 | References: 5

Vulnrichment
added 2025/10/15 1:23 a.m. | 4 views

CVE-2011-10033 WordPress Plugin is-human <= v1.4.2 Eval Injection RCE

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 7.8 | EPSS 0.00152
Exploits: 0 | References: 5

Positive Technologies
added 2025/10/15 12:0 a.m. | 3 views

PT-2025-42214

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 8.2 | EPSS 0.00152
Exploits: 0 | References: 6

WPVulnDB
added 2021/10/05 12:0 a.m. | 11 views

Simple Download Monitor < 3.9.6 - Unauthorised Log Reset

The sdmresetlog AJAX action of the plugin does not have any capability and CSRF checks, which could allow any authenticated user such as subscriber, or an attacker performing a CSRF attack against a logged in admin to reset the log entries PoC...

AI score 1.2
Exploits: 0 | Affected Software: 1

Patchstack
added 2021/10/05 12:0 a.m. | 16 views

WordPress Simple Download Monitor plugin <= 3.9.5 - Unauthorized Log Reset vulnerability

Unauthorized Log Reset vulnerability discovered by WPScanTeam in WordPress Simple Download Monitor plugin versions <= 3.9.5. Solution: Update the WordPress Simple Download Monitor plugin to the latest available version (at least 3.9.6)...

AI score 3.4
Exploits: 0 | References: 2 | Affected Software: 1

wpexploit
added 2021/10/05 12:0 a.m. | 489 views

Simple Download Monitor < 3.9.6 - Unauthorised Log Reset

The sdmresetlog AJAX action of the plugin does not have any capability and CSRF checks, which could allow any authenticated user such as subscriber, or an attacker performing a CSRF attack against a logged in admin to reset the log entries...

AI score 2.7
Exploits: 0

Patchstack
added 2021/10/05 12:0 a.m. | 5 views

WordPress Simple Download Monitor plugin <= 3.9.5 - Unauthorized Log Reset vulnerability

Unauthorized Log Reset vulnerability discovered by WPScanTeam in WordPress Simple Download Monitor plugin versions <= 3.9.5. Solution: Update the WordPress Simple Download Monitor plugin to the latest available version (at least 3.9.6)...

AI score 3.4
Exploits: 0 | References: 2 | Affected Software: 1

VulnCheck KEV
added 2012/03/12 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2011-10033

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution...

CVSS 9.3 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 1

Patchstack
added 2011/05/17 12:0 a.m. | 7 views

WordPress Is-Human Plugin - Remote Command Execution Vulnerability

The vulnerability exists in /is-human/engine.php. It takes control of the eval function via the "type" parameter, when the "action" is set to log-reset. Solution Point the $ishum-get array variable into $ishum-getih and point it to php stored function errorlog if you want to close the execution...

AI score 4
Exploits: 0 | References: 1 | Affected Software: 1