Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2025/12/15 11:9 p.m.1 views

CVE-2025-66402 misskey.js's export data contains private post data

Misskey is an open source, federated social media platform. Starting in version 13.0.0-beta.16 and prior to version 2025.12.0, an actor who does not have permission to view favorites or clips can can export the posts and view the contents. Version 2025.12.0 fixes the issue...

7.1CVSS6.4AI score0.00264EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-17711

Malicious code in bioql PyPI...

4.3CVSS8.8AI score0.0058EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.27 views

CVE-2025-54352

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...

3.7CVSS0.00321EPSS
Exploits1References1
OSV
OSV
added 2024/11/09 4:15 a.m.3 views

CVE-2024-10693

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.3 via the Unfold widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level acces...

4.3CVSS5.8AI score0.003EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/06 9:54 a.m.6 views

WordPress Widget Options Extended plugin <= 5.1.0 - Subscriber+ Private/Draft Post Exposure Vulnerability

Subscriber+ Private/Draft Post Exposure Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Widget Options - Extended versions = 5.1.0...

6.5CVSS6.9AI score0.00422EPSS
Exploits0Affected Software1
Rows per page
Query Builder