Lucene search
K

28 matches found

Vulnrichment
Vulnrichment
added 2025/01/15 3:23 p.m.8 views

CVE-2025-22729 WordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VOD Infomaniak: from n/a through 1.5.9...

4.3CVSS7.2AI score0.0033EPSS
Exploits0References1
CVE
CVE
added 2024/12/18 6:57 p.m.58 views

CVE-2024-56048

CVE-2024-56048 affects WPLMS (WordPress LMS) up to version 1.9.9. The vulnerability is a Missing Authorization/Unauthenticated Privilege Escalation that allows updating privileged options and accessing restricted functionality, with reported exploitation in multiple disclosures. Several connected...

8.8CVSS7.2AI score0.00594EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 11:30 a.m.17 views

CVE-2023-32293 WordPress WRC Pricing Tables plugin <= 2.3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Realwebcare WRC Pricing Tables allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WRC Pricing Tables: from n/a through 2.3.7...

5.3CVSS0.00501EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.15 views

CVE-2024-43297 WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5...

4.3CVSS0.0044EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 12:47 p.m.17 views

CVE-2024-32805 WordPress Social Snap plugin <= 1.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Social Snap.This issue affects Social Snap: from n/a through 1.3.5...

6.5CVSS0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.6 views

PT-2023-16700 · WordPress · Wp Meta Seo

Name of the Vulnerable Software and Affected Versions: WP Meta SEO plugin for WordPress versions up to, and including, 4.5.3 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the setIgnore function. This allows unauthenticated attacker...

4.3CVSS5.3AI score0.00316EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/03/07 8:16 a.m.27 views

CVE-2022-0442 UsersWP < 1.2.3.1 - Subscriber+ User Avatar Override

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar...

4.9AI score0.00644EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2021/11/01 9:1 p.m.7 views

CVE-2021-39333 Hashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content Deletion

The Hashthemes Demo Importer Plugin = 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of...

8.1CVSS8.2AI score0.01016EPSS
Exploits1References1
Rows per page
Query Builder