Lucene search
K

334 matches found

RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.13 views

CVE-2025-54049

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.9CVSS5.9AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.13 views

CVE-2025-54048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.3CVSS5.9AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.10 views

CVE-2025-54049

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.9CVSS0.00377EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.16 views

CVE-2025-54048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.3CVSS0.0039EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.3 views

CVE-2025-53561

Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal.This issue affects Prevent files / folders access: from n/a through = 2.6.0...

6.5CVSS0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.13 views

CVE-2025-53561

CVE-2025-53561: Path traversal vulnerability in WordPress plugin Prevent files / folders access (

6.5CVSS5.9AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.12 views

CVE-2025-53561 WordPress Prevent files / folders access Plugin <= 2.6.0 - Path Traversal Vulnerability

Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal.This issue affects Prevent files / folders access: from n/a through = 2.6.0...

6.5CVSS0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:2 a.m.23 views

CVE-2025-54048

CVE-2025-54048: WordPress plugin Custom API for WP

9.3CVSS5.9AI score0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:2 a.m.29 views

CVE-2025-54048 WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.3CVSS0.0039EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:2 a.m.6 views

CVE-2025-54048 WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2...

9.3CVSS7.9AI score0.0039EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:2 a.m.31 views

CVE-2025-54049

CVE-2025-54049 describes an Incorrect Privilege Assignment vulnerability in the WordPress plugin Custom API for WP . Affected versions are listed as pre-n/a through 4.2.2 . The vulnerability permits Privilege Escalation within the plugin. Multiple sources (NVD, Red Hat, CVE lists, Patchstack, and...

9.9CVSS5.9AI score0.00377EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.3 views

PT-2025-33982 · Miniorange · Miniorange Prevent Files / Folders Access

Name of the Vulnerable Software and Affected Versions: miniOrange Prevent files / folders access versions n/a through 2.6.0 Description: A path traversal vulnerability exists in miniOrange Prevent files / folders access, allowing attackers to traverse file paths. This issue allows path traversal...

6.5CVSS6.3AI score0.00396EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-34013 · WordPress · Miniorange Custom Api For Wp

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: The software contains an improper neutralization of special elements used in an SQL command, leading to a SQL injection issue. This allows for SQL injection attacks...

9.3CVSS7.2AI score0.0039EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-34014

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: An incorrect privilege assignment issue in miniOrange Custom API for WP allows privilege escalation. Recommendations: Update miniOrange Custom API for WP to a version later than...

9.9CVSS5.8AI score0.00377EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/06/11 4:3 p.m.6 views

CVE-2025-31019

Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Password Policy Manager password-policy-manager allows Authentication Abuse.This issue affects Password Policy Manager: from n/a through = 2.0.4...

8.8CVSS7.2AI score0.00516EPSS
Exploits0References1
NVD
NVD
added 2025/06/09 4:15 p.m.5 views

CVE-2025-31019

Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Password Policy Manager password-policy-manager allows Authentication Abuse.This issue affects Password Policy Manager: from n/a through = 2.0.4...

8.8CVSS0.00516EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/09 3:56 p.m.24 views

CVE-2025-31019 WordPress Password Policy Manager plugin <= 2.0.4 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Password Policy Manager password-policy-manager allows Authentication Abuse.This issue affects Password Policy Manager: from n/a through = 2.0.4...

8.8CVSS0.00516EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.6 views

PT-2025-24472 · Miniorange · Miniorange Password Policy Manager

Name of the Vulnerable Software and Affected Versions: miniOrange Password Policy Manager versions 2.0.4 and earlier Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel, allowing Authentication Abuse. Recommendations: For miniOrange Password Policy...

8.8CVSS7.6AI score0.00516EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.14 views

CVE-2025-47672

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange miniOrange Discord Integration miniorange-discord-integration allows PHP Local File Inclusion.This issue affects miniOrange Discord Integration: from n/a through = 2.2...

8.1CVSS5.9AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.14 views

CVE-2025-47670

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

8.1CVSS5.9AI score0.00542EPSS
Exploits0References1
Rows per page
Query Builder