Lucene search
K

190 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.9 views

CVE-2026-57663

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.9 views

EUVD-2026-39668

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.7 views

CVE-2026-57663

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:53 p.m.15 views

CVE-2026-57663

CVE-2026-57663 describes a SQL Injection vulnerability in the WordPress plugin Zip Recipes (Recipe Maker For Your Food Blog) versions

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57663 WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 1:26 p.m.285 views

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Recipe Maker For Your Food Blog from Zip Recipes versions = 8.2.7...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52833

Name of the Vulnerable Software and Affected Versions Recipe Maker For Your Food Blog from Zip Recipes versions prior to 8.2.8 Description A SQL Injection issue exists that allows exploitation at the contributor level. SQL Injection is a technique where an attacker inserts malicious SQL code into...

8.5CVSS5.9AI score0.00211EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.7 views

CVE-2026-1558

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/27 6:31 a.m.4 views

EUVD-2026-8995

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

5.3CVSS5.5AI score0.00253EPSS
Exploits0References5
NVD
NVD
added 2026/02/27 5:18 a.m.9 views

CVE-2026-1558

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

5.3CVSS0.00253EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/27 4:33 a.m.3 views

CVE-2026-1558 WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/27 4:33 a.m.21 views

CVE-2026-1558 WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

5.3CVSS0.00253EPSS
Exploits0References4
CVE
CVE
added 2026/02/27 4:33 a.m.18 views

CVE-2026-1558

Summary of CVE-2026-1558 (WP Recipe Maker

5.3CVSS5.5AI score0.00253EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.16 views

WordPress plugin WP Recipe Maker 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.6 views

PT-2026-22295

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permission callback being set to return true and a lack of...

5.3CVSS5.4AI score0.00253EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/02/26 11:21 p.m.6 views

WordPress WP Recipe Maker plugin <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability

Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin WP Recipe Maker versions = 10.3.2...

5.3CVSS5.4AI score0.00253EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/26 10:14 a.m.8 views

CVE-2025-14742

The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxsearchrecipes' and 'ajaxgetrecipe' functions in all versions up to, and including, 10.2.3. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.4AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 12:30 p.m.6 views

EUVD-2025-208093

The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxsearchrecipes' and 'ajaxgetrecipe' functions in all versions up to, and including, 10.2.3. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.4AI score0.00222EPSS
Exploits0References7
CVE
CVE
added 2026/02/25 9:26 a.m.12 views

CVE-2025-14742

CVE-2025-14742 : The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_search_recipes and ajax_get_recipe functions in all versions up to and including 10.2.3. This allows authenticated attackers with Subscriber-level acce...

4.3CVSS5.4AI score0.00222EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/25 9:26 a.m.22 views

CVE-2025-14742 WP Recipe Maker <= 10.2.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure

The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxsearchrecipes' and 'ajaxgetrecipe' functions in all versions up to, and including, 10.2.3. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00222EPSS
Exploits0References6
Rows per page
Query Builder