Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.13 views

CVE-2025-54049

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.9CVSS5.9AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.13 views

CVE-2025-54048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.3CVSS5.9AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.13 views

CVE-2025-54048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.3CVSS0.0039EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.9 views

CVE-2025-54049

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through = 4.2.2...

9.9CVSS0.00377EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:2 a.m.6 views

CVE-2025-54048 WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2...

9.3CVSS7.9AI score0.0039EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:2 a.m.22 views

CVE-2025-54048

CVE-2025-54048: WordPress plugin Custom API for WP

9.3CVSS5.9AI score0.0039EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:2 a.m.29 views

CVE-2025-54049

CVE-2025-54049 describes an Incorrect Privilege Assignment vulnerability in the WordPress plugin Custom API for WP . Affected versions are listed as pre-n/a through 4.2.2 . The vulnerability permits Privilege Escalation within the plugin. Multiple sources (NVD, Red Hat, CVE lists, Patchstack, and...

9.9CVSS5.9AI score0.00377EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.5 views

PT-2025-34013 · WordPress · Miniorange Custom Api For Wp

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: The software contains an improper neutralization of special elements used in an SQL command, leading to a SQL injection issue. This allows for SQL injection attacks...

9.3CVSS7.2AI score0.0039EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.4 views

PT-2025-34014

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: An incorrect privilege assignment issue in miniOrange Custom API for WP allows privilege escalation. Recommendations: Update miniOrange Custom API for WP to a version later than...

9.9CVSS5.8AI score0.00377EPSS
Exploits0References6
Rows per page
Query Builder