CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

45 matches found

RedhatCVE•added 2026/03/26 5:2 p.m.•5 views

CVE-2026-32524

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

9.1CVSS5.8AI score0.00332EPSS

Exploits0References1

NVD•added 2026/03/25 5:17 p.m.•2 views

CVE-2026-32524

9.1CVSS0.00332EPSS

Exploits0References1

ATTACKERKB•added 2026/03/25 4:15 p.m.•1 views

CVE-2026-32524

5.8AI score0.00332EPSS

Exploits0References2

Vulnrichment•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32524 WordPress Photo Engine plugin <= 6.4.9 - Arbitrary File Upload vulnerability

5.8AI score0.00332EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:15 p.m.•23 views

CVE-2026-32524 WordPress Photo Engine plugin <= 6.4.9 - Arbitrary File Upload vulnerability

9.1CVSS0.00332EPSS

Exploits0References1

CVE•added 2026/03/25 4:15 p.m.•11 views

CVE-2026-32524

CVE-2026-32524 : WordPress Photo Engine (WPLR-Sync) suffers an Unrestricted Upload of File with Dangerous Type vulnerability. The Wordfence report confirms the issue as an Arbitrary File Upload in Photo Engine (Media Organizer & Lightroom) <= 6.4.9, exploitable by authenticated users with Auth...

9.1CVSS5.8AI score0.00332EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•4 views

WordPress plugin Photo Engine 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.1CVSS5.9AI score0.00332EPSS

Exploits0References1

Patchstack•added 2026/03/20 8:42 p.m.•4 views

WordPress Photo Engine plugin <= 6.4.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Photo Engine versions = 6.4.9...

9.1CVSS5.8AI score0.00332EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-42313

Malicious code in bioql PyPI...

5.4CVSS6.7AI score0.00323EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-38165

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00244EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-24721

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00135EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-40224

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.0053EPSS

Exploits0References1

RedhatCVE•added 2025/08/16 11:25 a.m.•4 views

CVE-2025-54672

Cross-Site Request Forgery CSRF vulnerability in Jordy Meow Photo Engine wplr-sync allows Cross Site Request Forgery.This issue affects Photo Engine: from n/a through = 6.4.3...

4.3CVSS5.9AI score0.00135EPSS

Exploits0References1

NVD•added 2025/08/14 11:15 a.m.•3 views

CVE-2025-54672

Cross-Site Request Forgery CSRF vulnerability in Jordy Meow Photo Engine wplr-sync allows Cross Site Request Forgery.This issue affects Photo Engine: from n/a through = 6.4.3...

4.3CVSS0.00135EPSS

Exploits0References1

CVE•added 2025/08/14 10:34 a.m.•13 views

CVE-2025-54672

CVE-2025-54672 is a CSRF vulnerability in the WordPress plugin Photo Engine (Jordy Meow) affecting versions up to and including 6.4.3. The initial entry lists a CVSSv3.1 base score of 4.3 (Medium) with network access and user interaction required. Connected sources corroborate the issue as a Cros...

4.3CVSS5.9AI score0.00135EPSS

Exploits0References1

Cvelist•added 2025/08/14 10:34 a.m.•10 views

CVE-2025-54672 WordPress Photo Engine Plugin plugin <= 6.4.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Jordy Meow Photo Engine wplr-sync allows Cross Site Request Forgery.This issue affects Photo Engine: from n/a through = 6.4.3...

4.3CVSS0.00135EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•2 views

CVE-2025-54672 WordPress Photo Engine Plugin plugin <= 6.4.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Jordy Meow Photo Engine wplr-sync allows Cross Site Request Forgery.This issue affects Photo Engine: from n/a through = 6.4.3...

4.3CVSS5.9AI score0.00135EPSS

Exploits0References1

Positive Technologies•added 2025/08/14 12:0 a.m.•4 views

PT-2025-33225 · Unknown · Jordy Meow Photo Engine

Name of the Vulnerable Software and Affected Versions: Jordy Meow Photo Engine versions n/d through 6.4.3 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users without their knowledge...

4.3CVSS6.4AI score0.00135EPSS

Exploits0References4

CNNVD•added 2025/08/14 12:0 a.m.•2 views

WordPress plugin Photo Engine 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS6.5AI score0.00135EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:47 a.m.•10 views

CVE-2024-43332

Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0...

8.8CVSS6.9AI score0.0053EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by