Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.14 views

CVE-2022-0164

The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users...

4.3CVSS6.7AI score0.00344EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11398

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-42825

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00264EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:33 a.m.8 views

CVE-2023-5798

The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wpremoteget, which could allow users with a role as low as Editor to perform SSRF attacks...

8.8CVSS6.7AI score0.00694EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 4:32 a.m.11 views

CVE-2023-5737

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings...

4.3CVSS6.7AI score0.00454EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.5 views

PT-2023-25413 · WordPress · Simple Author Box

Name of the Vulnerable Software and Affected Versions: The Simple Author Box WordPress plugin versions prior to 2.52 Description: The issue is related to the disclosure of arbitrary user information due to a lack of verification of the user ID before outputting information about that user. This c...

4.3CVSS9.2AI score0.0043EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2022/11/28 1:47 p.m.8 views

CVE-2022-3769 OWM Weather < 5.6.9 - Contributor+ SQLi

The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...

9.2AI score0.01053EPSS
Exploits2References2
Rows per page
Query Builder