Lucene search
K

11 matches found

OSV
OSV
added 2026/04/21 4:57 p.m.3 views

CVE-2026-40592 FreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound reply

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route GET /conversation/undo-reply/threadid checks only whether the current user can view the parent conversation. It does not verify that the current user created the reply being undone. In a...

5.9CVSS6AI score0.00238EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-19996

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-30406

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 12:15 p.m.4 views

CVE-2025-52796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tggfref WP-Recall allows Reflected XSS. This issue affects WP-Recall: from n/a through 16.26.14...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.7 views

CVE-2025-30981

Cross-Site Request Forgery CSRF vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14...

6.3CVSS0.00135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.13 views

CVE-2024-32604

Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5...

4.3CVSS5.2AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.9 views

CVE-2025-47653

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14...

7.5CVSS0.00495EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

WordPress plugin WP-Recall 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS7.8AI score0.00495EPSS
Exploits0References1
CVE
CVE
added 2025/03/08 9:22 a.m.94 views

CVE-2025-1325

CVE-2025-1325 affects the WordPress plugin WP-Recall – Registration, Profile, Commerce & More . The vulnerability arises from a missing capability check on the AJAX endpoint rcl_preview_post , enabling an authenticated attacker with at least Subscriber-level access to execute arbitrary shortcodes...

6.3CVSS6.4AI score0.0031EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/06 2:50 a.m.6 views

WordPress WP-Recall plugin <= 16.26.8 - Insecure Direct Object Reference to Unauthenticated Arbitrary Password Update vulnerability

Insecure Direct Object Reference to Unauthenticated Arbitrary Password Update vulnerability discovered by wesley wcraft in WordPress Plugin WP-Recall versions = 16.26.8...

9.8CVSS7AI score0.00603EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.5 views

WordPress plugin WP-Recall security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS6.8AI score0.00393EPSS
Exploits0References3
Rows per page
Query Builder