CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6151 matches found

0day.today•added 2019/11/20 12:0 a.m.•3230 views

WordPress Core 5.2.3 - Viewing Unauthenticated/Password/Private Posts Vulnerability

Exploit for multiple platform in category web applications WordPress Core 5.2.3 - Viewing Unauthenticated/Password/Private Posts So far we know that adding ?static=1 to a wordpress URL should leak its secret content Here are a few ways to manipulate the returned entries: - order with asc or desc ...

5CVSS0.6AI score0.72902EPSS

Exploits2

Tenable Nessus•added 2019/11/13 12:0 a.m.•10 views

FreeBSD : wordpress -- multiple issues (459df1ba-051c-11ea-9673-4c72b94353b5)

wordpress developers reports : Props to Evan Ricafort for finding an issue where stored XSS cross-site scripting could be added via the Customizer. rops to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. Props to Weston Ruter for finding a way to create a stored XSS...

5.3AI score

Exploits0References2

CNVD•added 2019/11/07 12:0 a.m.•1 views

SQL Injection Vulnerability in MyfCMS Backend at Adding New Posts

Min Yifei Content Management System, abbreviated MyfCMS, is a PHP+Mysql content management system. A SQL injection vulnerability exists in the backend of MyfCMS at Add New Article. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score

Exploits0

Tenable Nessus•added 2019/10/28 12:0 a.m.•14 views

Fedora 29 : wordpress (2019-e70f89fa34)

WordPress 5.2.4 Security Release WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Security Updates - Props to Evan Ricafort for finding an issue where stored XSS cross-site scripting could be added via the Customizer. - Props to J.D. Grimes who...

5.4AI score

Exploits0References1

Tenable Nessus•added 2019/10/28 12:0 a.m.•53 views

Fedora 30 : wordpress (2019-709c48a989)

5.4AI score

Exploits0References1

OpenVAS•added 2019/10/25 12:0 a.m.•133 views

WordPress Multiple Vulnerabilities (Oct 2019) - Linux

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

9.8CVSS6.5AI score0.72902EPSS

Exploits2References2

OpenVAS•added 2019/10/25 12:0 a.m.•48 views

WordPress Multiple Vulnerabilities (Oct 2019) - Windows

9.8CVSS6.5AI score0.72902EPSS

Exploits2References1

Veracode•added 2019/10/18 8:25 a.m.•35 views

Unauthenticated Access To Restricted Resources

wordpress allows unauthenticated access to restricted resources. This vulnerability could allow unauthenticated users to view private or draft posts that would otherwise be restricted...

5.3CVSS5.3AI score0.72902EPSS

Exploits2References9Affected Software1

Tenable Nessus•added 2019/10/16 12:0 a.m.•21 views

WordPress 4.3.x < 4.3.21 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in Customizer. - An unspecified issue which could lead to disclosure of unauthenticated posts. - A cross-site scripting XSS...

5.3CVSS6.2AI score0.72902EPSS

Exploits2References3

Tenable Nessus•added 2019/10/16 12:0 a.m.•18 views

WordPress 4.6.x < 4.6.16 Multiple Vulnerabilities

5.3CVSS6.2AI score0.72902EPSS

Exploits2References3

Tenable Nessus•added 2019/10/16 12:0 a.m.•17 views

WordPress 3.9.x < 3.9.29 Multiple Vulnerabilities

5.3CVSS6.2AI score0.72902EPSS

Exploits2References3

Tenable Nessus•added 2019/10/16 12:0 a.m.•14 views

WordPress 4.5.x < 4.5.19 Multiple Vulnerabilities