Lucene search
+L

833 matches found

vulnrichment
vulnrichment
added 2025/12/31 6:0 a.m.6 views

CVE-2025-14434 Ultimate Post Kit < 4.0.16 – Unauthenticated Arbitrary Post Content Disclosure

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upkalexgridloadmoreposts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

6.5AI score0.00245EPSS
Exploits0References1
cve
cve
added 2025/12/31 6:0 a.m.19 views

CVE-2025-14434

CVE-2025-14434 affects the WordPress plugin “Ultimate Post Kit Addons for Elementor” (versions prior to 4.0.16). The issue arises from multiple AJAX endpoints (e.g., loadmore posts) that do not verify whether targeted posts are published, enabling an unauthenticated attacker to query arbitrary po...

5.3CVSS6.5AI score0.00245EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/31 12:0 a.m.10 views

PT-2025-54283

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upk alex grid loadmore posts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

6.9AI score0.00245EPSS
Exploits0References2
patchstack
patchstack
added 2025/12/31 12:0 a.m.9 views

WordPress Ajax Load More plugin < 2.8.1.2 - Subscriber+ File Upload & Deletion vulnerability

Subscriber+ File Upload & Deletion vulnerability discovered by PizzaHatHacker in WordPress Plugin Ajax Load More versions 2.8.1.2...

8.8CVSS5.5AI score0.00984EPSS
Exploits1References1Affected Software1
redhatcve
redhatcve
added 2025/12/17 10:2 a.m.4 views

CVE-2025-64247

Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...

4.3CVSS5.9AI score0.00192EPSS
Exploits0References1
euvd
euvd
added 2025/12/16 9:31 a.m.4 views

EUVD-2025-203603

Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.4.1...

6.4AI score0.00192EPSS
Exploits0References2
nvd
nvd
added 2025/12/16 9:15 a.m.5 views

CVE-2025-64247

Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...

4.3CVSS0.00192EPSS
Exploits0References1
cve
cve
added 2025/12/16 8:12 a.m.8 views

CVE-2025-64247

CVE-2025-64247 describes a Missing Authorization vulnerability in the WordPress plugin Read More & Accordion (Expand-maker). The Initial description states impact via unauthorized access due to misconfigured access controls, affecting Read More & Accordion: from n/a through

4.3CVSS5.9AI score0.00192EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/16 8:12 a.m.35 views

CVE-2025-64247 WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...

4.3CVSS0.00192EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/16 8:12 a.m.1 views

CVE-2025-64247 WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...

4.3CVSS5.1AI score0.00192EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/16 12:0 a.m.4 views

PT-2025-51395

Name of the Vulnerable Software and Affected Versions edmon.parker Read More & Accordion versions through 3.5.4.1 Description An authorization issue exists in edmon.parker Read More & Accordion expand-maker, allowing exploitation of incorrectly configured access control security levels...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/12/16 12:0 a.m.4 views

WordPress plugin Read More & Accordion 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an...

4.3CVSS6.4AI score0.00192EPSS
Exploits0References1
patchstack
patchstack
added 2025/12/15 7:6 p.m.5 views

WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Read More & Accordion versions = 3.5.5.1...

6.5CVSS7AI score0.00192EPSS
Exploits0Affected Software1
susecve
susecve
added 2025/12/10 12:35 a.m.6 views

SUSE CVE-2023-53825

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References18
nvd
nvd
added 2025/12/09 4:17 p.m.5 views

CVE-2023-53825

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...

0.00225EPSS
Exploits0References8
osv
osv
added 2025/11/12 7:18 p.m.3 views

MAL-2025-173591 Malicious code in butanah-fipopha-hafufuh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 295a91161cb8a11c7452c3649a3c576a28043166056086bf68486aa037aaf302 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:29 a.m.0 views

MAL-2025-147834 Malicious code in semantic-release-process-alphard-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2909c41dac1a109495cf0ea2e8cb4d523c9f422cf2ee0ae5cd922904f1122860 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
nvd
nvd
added 2025/10/24 1:15 p.m.6 views

CVE-2025-40022

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix incorrect boolean values in afalgctx Commit 1b34cbbf4f01 "crypto: afalg - Disallow concurrent writes in afalgsendmsg" changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to...

0.00213EPSS
Exploits0References9
susecve
susecve
added 2025/10/07 11:49 p.m.4 views

SUSE CVE-2022-50536

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...

5.5CVSS6.5AI score0.00158EPSS
Exploits0References4
nvd
nvd
added 2025/10/07 4:15 p.m.5 views

CVE-2022-50536

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...

7.8CVSS0.00158EPSS
Exploits0References6
Rows per page
Query Builder