Lucene search
+L

25 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.7 views

CVE-2026-25005

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.3CVSS5.5AI score0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/13 9:24 a.m.3 views

CVE-2025-64265 WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...

4.3CVSS6.6AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-9105

Malicious code in bioql PyPI...

6.5CVSS9AI score0.00268EPSS
Exploits0References2
NVD
NVD
added 2025/04/01 6:15 a.m.21 views

CVE-2025-30613

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

6.5CVSS0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 5:31 a.m.8 views

CVE-2025-30613 WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

6.5CVSS7.3AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 5:31 a.m.17 views

CVE-2025-30613 WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

6.5CVSS0.00268EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 5:31 a.m.52 views

CVE-2025-30613

CVE-2025-30613 is a Stored XSS in N-Media MailChimp Subscription (Nmedia MailChimp) affecting versions up to 5.4; root cause: improper input neutralization during web page generation. CVSS 3.1 base 6.5 (NETWORK, LOW=AV, UI:R). No remediation details or exploitation status provided in the documents.

6.5CVSS7.2AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.7 views

PT-2025-14040 · Unknown · Nmedia Mailchimp

Name of the Vulnerable Software and Affected Versions: Nmedia MailChimp versions n/a through 5.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attacker can inject malicio...

6.5CVSS8.9AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.4 views

WordPress plugin Nmedia MailChimp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.9AI score0.00268EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/27 9:32 p.m.6 views

WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Nmedia MailChimp versions = 5.4...

6.5CVSS6.2AI score0.00268EPSS
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2015/06/05 12:0 a.m.43 views

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - &#039;doupload.php&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/53790/info The Nmedia WordPress Member Conversation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/06/05 12:0 a.m.26 views

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - doupload.php Arbitrary File Upload

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - doupload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/53790/info The Nmedia WordPress Member Conversation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue...

0.3AI score
Exploits0
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.13 views

WordPress Nmedia MailChimp Plugin <= 3.1 - XSS

This plugin is prone to a cross site scripting vulnerability in apimailchimp/postToMailChimp.php abspath parameter. Solution Update the plugin...

2.4AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2012/06/20 12:0 a.m.21 views

WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Member Conversation Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.7AI score0.12962EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2012/06/20 12:0 a.m.17 views

WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Users File Uploader Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.3AI score
Exploits0References3
NVD
NVD
added 2012/06/17 3:41 a.m.15 views

CVE-2012-3577

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

7.5CVSS7.7AI score0.12962EPSS
Exploits1References6
Prion
Prion
added 2012/06/17 3:41 a.m.14 views

Unrestricted file upload

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

7.5CVSS8.3AI score0.12962EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2012/06/17 1:0 a.m.24 views

CVE-2012-3577

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

7.7AI score0.12962EPSS
Exploits1References6
CVE
CVE
added 2012/06/17 1:0 a.m.75 views

CVE-2012-3577

The CVE-2012-3577 issue affects the WordPress N‑Media Member Conversation plugin prior to version 1.4. It is an unrestricted file upload in doupload.php that lets remote attackers upload a file with an executable extension and access it at wp-content/uploads/user_uploads, enabling arbitrary code ...

7.5CVSS8AI score0.12962EPSS
Exploits1References6Affected Software1
0day.today
0day.today
added 2012/06/05 12:0 a.m.25 views

Wordpress Plugins - Nmedia user file uploader Shell Upload Vulnerability

Exploit for php platform in category web applications Description : Wordpress Plugins - Nmedia user file uploader Shell Upload Vulnerability Version : 1.8 Link : http://wordpress.org/extend/plugins/nmedia-user-file-uploader/ Plugins :...

7.1AI score
Exploits0
Rows per page
Query Builder