Lucene search
+L

210 matches found

Vulnrichment
Vulnrichment
added 2025/11/01 4:27 a.m.5 views

CVE-2025-11377 List category posts <= 0.92.0 - Authenticated (Contributor+) Information Exposure

The List category posts plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.92.0 via the 'catlist' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with contributor-level...

4.3CVSS5.6AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2025/10/15 9:15 a.m.11 views

CVE-2025-11701

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00267EPSS
Exploits0References3
CVE
CVE
added 2025/10/15 8:26 a.m.16 views

CVE-2025-11701

CVE-2025-11701 refers to the WordPress plugin Zip Attachments (versions

5.3CVSS5.1AI score0.00267EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/15 8:26 a.m.3 views

CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS5.1AI score0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/15 8:26 a.m.13 views

CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00267EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/15 12:31 a.m.8 views

WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability

Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Zip Attachments versions = 1.6...

5.3CVSS7AI score0.00267EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-7403

Malicious code in bioql PyPI...

6.5CVSS9.2AI score0.00304EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-17700

Malicious code in bioql PyPI...

5.3CVSS8.8AI score0.00523EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16389

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.004EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.36 views

EUVD-2025-27058

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-31902

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00573EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-16385

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00285EPSS
Exploits0References3
CVE
CVE
added 2025/09/26 4:25 a.m.27 views

CVE-2025-9984

CVE-2025-9984 (FIFU, Featured Image from URL, WordPress) : The FIFU plugin is vulnerable to an unauthorized access exposure due to a missing capability check in fifu_api_debug_posts(). This allows unauthenticated attackers to read private/password protected posts in all versions up to 5.2.7. Conn...

5.3CVSS4.9AI score0.00275EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/08 2:9 a.m.12 views

CVE-2025-7368

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS6.3AI score0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/06 1:45 a.m.5 views

CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/06 1:45 a.m.32 views

CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS0.00255EPSS
Exploits0References2
CVE
CVE
added 2025/09/06 1:45 a.m.25 views

CVE-2025-7368

CVE-2025-7368 — REHub WordPress Theme: Unauthenticated information exposure in REHub up to version 19.9.7 due to insufficient restrictions in the ajax_action_re_getfullcontent path, allowing access to password-protected post data. Affected: REHub Theme for WordPress (versions ≤ 19.9.7). Root caus...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/06 12:0 a.m.7 views

PT-2025-36348

Name of the Vulnerable Software and Affected Versions: REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme versions prior to 19.9.8 Description: The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme for WordPress is susceptible to information exposure due to...

5.3CVSS6.1AI score0.00255EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/09/05 11:49 p.m.7 views

WordPress Rehub theme <= 19.9.7 - Unauthenticated Password Protected Post Disclosure vulnerability

Unauthenticated Password Protected Post Disclosure vulnerability discovered by stealthcopter in WordPress Theme Rehub versions = 19.9.7...

5.3CVSS7AI score0.00255EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/08/15 9:15 a.m.23 views

CVE-2025-8091

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00404EPSS
Exploits0References7
Rows per page
Query Builder