Lucene search
K

13 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 4:36 a.m.4 views

CVE-2025-14167 Remove Post Type Slug <= 1.0.2 - Cross-Site Request Forgery to Settings Update

The Remove Post Type Slug plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to incorrect nonce validation logic that uses OR || instead of AND &&, causing the validation to fail when the nonce field is not empty OR when...

4.3CVSS5.2AI score0.00151EPSS
Exploits0References3
CVE
CVE
added 2026/02/19 4:36 a.m.11 views

CVE-2025-14167

CVE-2025-14167 details a Cross-Site Request Forgery in the WordPress plugin Remove Post Type Slug (versions

4.3CVSS5.4AI score0.00151EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/19 4:36 a.m.35 views

CVE-2025-14167 Remove Post Type Slug <= 1.0.2 - Cross-Site Request Forgery to Settings Update

The Remove Post Type Slug plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to incorrect nonce validation logic that uses OR || instead of AND &&, causing the validation to fail when the nonce field is not empty OR when...

4.3CVSS0.00151EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/18 11:58 p.m.6 views

WordPress Remove Post Type Slug plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Remove Post Type Slug versions = 1.0.2...

4.3CVSS5.5AI score0.00151EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/25 4:16 p.m.7 views

CVE-2022-0693

The Master Elements WordPress plugin through 8.0 does not validate and escape the metaids parameter of its removepostmetacondition AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an unauthenticated SQL Injection...

9.8CVSS8.1AI score0.07097EPSS
Exploits2References3
OSV
OSV
added 2022/04/25 4:16 p.m.5 views

CVE-2022-0693

The Master Elements WordPress plugin through 8.0 does not validate and escape the metaids parameter of its removepostmetacondition AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an unauthenticated SQL Injection...

9.8CVSS5.8AI score0.07097EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.6 views

WordPress plugin Master Elements SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Master Elements 8.0 and earlier versions are vulnerable to SQL injection, which stems from t...

9.8CVSS5.9AI score0.07097EPSS
Exploits2References3
OSV
OSV
added 2016/06/29 2:10 p.m.3 views

UBUNTU-CVE-2016-5837

WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors...

7.5CVSS7.2AI score0.0352EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Ez Guestbook 1.0 - Multiple Vulnerabilities

No description provided by source. ------------------------------------------------------------------------------------------------- Title: Ez Guestbook 1.0 Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/12/14 12:0 a.m.15 views

Ez Guestbook 1.0 Cross Site Request Forgery

------------------------------------------------------------------------------------------------- Title: Ez Guestbook 1.0 Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...

0.1AI score
Exploits0
0day.today
0day.today
added 2009/12/14 12:0 a.m.28 views

Ez Guestbook 1.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications ========================================= Ez Guestbook 1.0 Multiple Vulnerabilities ========================================= ------------------------------------------------------------------------------------------------- Application: Ez...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/12/14 12:0 a.m.20 views

Ez Guestbook 1.0 Multiple Vulnerabilities

No description provided by source. ------------------------------------------------------------------------------------------------- Title: Ez Guestbook 1.0 Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/14 12:0 a.m.22 views

Ez Guestbook 1.0 - Multiple Vulnerabilities

------------------------------------------------------------------------------------------------- Title: Ez Guestbook 1.0 Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...

7.4AI score
Exploits0
Rows per page
Query Builder