Lucene search
K

90 matches found

EUVD
EUVD
added 2025/12/15 11:9 p.m.3 views

EUVD-2025-203442

Misskey is an open source, federated social media platform. Starting in version 13.0.0-beta.16 and prior to version 2025.12.0, an actor who does not have permission to view favorites or clips can can export the posts and view the contents. Version 2025.12.0 fixes the issue...

7.1CVSS6.2AI score0.00274EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2025/10/08 4:0 a.m.226 views

Exploit for CVE-2025-54352

CVE-2025-54352 PoC Usage Steps to install and test the Wor...

3.7CVSS6.9AI score0.00321EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11780

Malware in sbrugna...

4.3CVSS4.7AI score0.00891EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-9111

Malware in sbrugna...

7.5CVSS7.6AI score0.03195EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51759

Malicious code in bioql PyPI...

4.3CVSS9.2AI score0.00334EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-17711

Malicious code in bioql PyPI...

4.3CVSS8.8AI score0.0058EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-49170

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00388EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8074

Malicious code in bioql PyPI...

5.3CVSS9AI score0.00363EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50184

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00335EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2025-54352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not...

3.7CVSS5.5AI score0.00321EPSS
Exploits1References3
OSV
OSV
added 2025/07/21 5:15 a.m.7 views

DEBIAN-CVE-2025-54352

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...

3.7CVSS5.4AI score0.00321EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.28 views

CVE-2025-54352

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...

3.7CVSS0.00321EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:17 a.m.5 views

CVE-2024-8431

The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxGetGalleryJson function in all versions up to, and including, 3.2.21. This makes it possible for authenticated attackers, with...

4.3CVSS6.5AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 p.m.9 views

CVE-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

6.8CVSS6.6AI score0.00941EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:21 p.m.10 views

CVE-2021-24661

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with Contributor roles or higher to read password-protected or private post contents the user is otherwise unable to read, given the post ID...

4.3CVSS6.6AI score0.00739EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/25 7:4 a.m.19 views

CVE-2025-2252 Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure

The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.6.1 via the eddajaxgetdownloadtitle function. This makes it possible for unauthenticated attackers to extract...

5.3CVSS0.00363EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/03/24 9:11 p.m.6 views

WordPress Easy Digital Downloads plugin <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure vulnerability

Unauthenticated Private Post Title Disclosure vulnerability discovered by Françoa Taffarel in WordPress Plugin Easy Digital Downloads versions = 3.3.6.1...

5.3CVSS7AI score0.00363EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/03/12 8:21 a.m.49 views

CVE-2024-13430

CVE-2024-13430 affects the Page Builder: Pagelayer – Drag and Drop website builder for WordPress (

4.3CVSS4.4AI score0.00311EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/04 7:21 a.m.8 views

CVE-2024-13514 B Slider- Gutenberg Slider Block for WP <= 1.1.23 - Authenticated (Contributor+) Private Post Disclosure via bsb-slider Shortcode

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, wi...

4.3CVSS6.6AI score0.00334EPSS
Exploits0References2
OSV
OSV
added 2024/11/09 4:15 a.m.3 views

CVE-2024-10693

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.3 via the Unfold widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level acces...

4.3CVSS5.8AI score0.003EPSS
Exploits0References2
Rows per page
Query Builder