492 matches found
EUVD-2024-48688
Malicious code in bioql PyPI...
EUVD-2024-31827
Malicious code in bioql PyPI...
EUVD-2024-16216
Malicious code in bioql PyPI...
CVE-2025-9984
The Featured Image from URL FIFU plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifuapidebugposts function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protect...
CVE-2025-9984
The Featured Image from URL FIFU plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifuapidebugposts function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protect...
CVE-2025-9984
CVE-2025-9984 (FIFU, Featured Image from URL, WordPress) : The FIFU plugin is vulnerable to an unauthorized access exposure due to a missing capability check in fifu_api_debug_posts(). This allows unauthenticated attackers to read private/password protected posts in all versions up to 5.2.7. Conn...
CVE-2025-9984 Featured Image from URL (FIFU) <= 5.2.7 - Missing Authorization to Password Protected Post Disclosure
The Featured Image from URL FIFU plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifuapidebugposts function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protect...
CVE-2025-9984 Featured Image from URL (FIFU) <= 5.2.7 - Missing Authorization to Password Protected Post Disclosure
The Featured Image from URL FIFU plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifuapidebugposts function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protect...
WordPress plugin Featured Image from URL 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-39498
Name of the Vulnerable Software and Affected Versions Featured Image from URL FIFU plugin for WordPress versions through 5.2.7 Description The plugin is susceptible to unauthorized data access because of a missing capability check within the fifu api debug posts function. This allows...
Linux Distros Unpatched Vulnerability : CVE-2020-11028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions...
CVE-2025-8091
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...
CVE-2025-8091 EventON Lite <= 2.4.7 - Authenticated (Contributor+) Information Disclosure
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...
CVE-2025-8091 EventON Lite <= 2.4.6 - Authenticated (Contributor+) Information Disclosure
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...
PT-2025-33465 · WordPress · Eventon Lite
Name of the Vulnerable Software and Affected Versions: EventON Lite versions prior to 2.4.7 Description: The EventON Lite plugin for WordPress is vulnerable to Information Exposure in versions prior to 2.4.7 via the add single eventon and add eventon shortcodes. Insufficient restrictions on post...
Improper Authorization
github.com/mattermost/mattermost-server is vulnerable to Improper Authorization. The vulnerability is due to a failure to verify authorization when retrieving cached posts by PendingPostID, which allows an attacker to read posts from private channels they do not have access to by guessing the...
WordPress Information Disclosure Vulnerability (Jul 2025) - Windows
WordPress is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-54352
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...
UBUNTU-CVE-2025-54352
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...
CVE-2025-54352
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...