Lucene search
+L

70 matches found

CNVD
CNVD
added 2025/07/11 12:0 a.m.12 views

WordPress PrivateContent-Mail Actions File Inclusion Vulnerability

WordPress PrivateContent-Mail Actions is the name of the plugin or feature module for mail actions and member management. WordPress PrivateContent-Mail Actions suffers from a file inclusion vulnerability that stems from improper file inclusion control, which can be exploited by an attacker to cau...

7.5CVSS7.1AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/06 11:22 a.m.16 views

CVE-2025-47627

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

7.5CVSS5.3AI score0.00422EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 12:15 p.m.6 views

CVE-2025-47627

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

7.5CVSS0.00422EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/04 12:15 p.m.6 views

CVE-2025-47627

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

7.5CVSS5.3AI score0.00422EPSS
Exploits0References3
CVE
CVE
added 2025/07/04 11:18 a.m.20 views

CVE-2025-47627

CVE-2025-47627 corresponds to a Local File Inclusion in the WordPress plugin PrivateContent - Mail Actions (versions 2.3.2 when available.

7.5CVSS5.3AI score0.00422EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 11:18 a.m.4 views

CVE-2025-47627 WordPress PrivateContent - Mail Actions plugin <= 2.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

7.5CVSS7.4AI score0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/04 11:18 a.m.12 views

CVE-2025-47627 WordPress PrivateContent - Mail Actions plugin <= 2.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

7.5CVSS0.00422EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.6 views

WordPress plugin PrivateContent - Mail Actions 安全漏洞

WordPress PrivateContent-Mail Actions is the name of the plugin or feature module for mail actions and member management. WordPress PrivateContent-Mail Actions suffers from a file inclusion vulnerability that stems from improper file inclusion control, which can be exploited by an attacker to cau...

7.5CVSS6.8AI score0.00422EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.5 views

PT-2025-27914 · Unknown · Privatecontent - Mail Actions

Name of the Vulnerable Software and Affected Versions: PrivateContent - Mail Actions versions 2.3.2 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows P...

7.5CVSS6.4AI score0.00422EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.8 views

CVE-2023-0581

The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the use of client side validation in versions up to, and including, 8.4.3. This is due to the plugin checking if an IP had been blocklist via client-side scripts rather than server-side. This makes it...

5.3CVSS6.8AI score0.00734EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/17 10:27 p.m.5 views

CVE-2025-26976

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aldo Latino PrivateContent private-content.This issue affects PrivateContent: from n/a through = 8.11.4...

8.5CVSS5.8AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/17 10:27 p.m.9 views

CVE-2025-26972

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5...

7.1CVSS5.2AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/17 10:25 p.m.6 views

CVE-2025-26969

Missing Authorization vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5...

8.3CVSS5.2AI score0.00283EPSS
Exploits0References1
NVD
NVD
added 2025/03/15 10:15 p.m.10 views

CVE-2025-26969

Missing Authorization vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5...

8.3CVSS0.00283EPSS
Exploits0References1
NVD
NVD
added 2025/03/15 10:15 p.m.10 views

CVE-2025-26972

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5...

7.1CVSS0.00213EPSS
Exploits0References1
NVD
NVD
added 2025/03/15 10:15 p.m.7 views

CVE-2025-26976

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aldo Latino PrivateContent private-content.This issue affects PrivateContent: from n/a through = 8.11.4...

8.5CVSS0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/15 9:57 p.m.3 views

CVE-2025-26969 WordPress PrivateContent plugin <= 8.11.5 - Subscriber+ Site Wide Broken Access Control vulnerability

Missing Authorization vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5...

8.3CVSS5.2AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/15 9:57 p.m.8 views

CVE-2025-26976 WordPress PrivateContent plugin <= 8.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aldo Latino PrivateContent private-content.This issue affects PrivateContent: from n/a through = 8.11.4...

8.5CVSS5.6AI score0.00307EPSS
Exploits0References1
CVE
CVE
added 2025/03/15 9:57 p.m.50 views

CVE-2025-26972

CVE-2025-26972 concerns the WordPress PrivateContent plugin (

7.1CVSS5.2AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2025/03/15 9:57 p.m.52 views

CVE-2025-26976

CVE-2025-26976 is a SQL Injection vulnerability affecting WordPress PrivateContent plugin

8.5CVSS5.8AI score0.00307EPSS
Exploits0References1
Rows per page
Query Builder