Lucene search
K

207 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.13 views

CVE-2026-9185

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/09 9:16 a.m.10 views

WordPress 6Storage Rentals plugin <= 2.26.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by g0wthr in WordPress Plugin 6Storage Rentals versions = 2.26.0...

7.5CVSS5.2AI score0.00403EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/09 5:16 a.m.17 views

CVE-2026-9185

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

7.5CVSS0.00403EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/09 3:41 a.m.10 views

EUVD-2026-35307

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

WordPress plugin 6Storage Rentals 安全漏洞

WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the functionality of WordPress. There is a security vulnerability in WordPress Plugin...

7.5CVSS5.9AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/12 6:30 p.m.4 views

EUVD-2019-19807

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

8.8CVSS5.9AI score0.00409EPSS
Exploits1References3
NVD
NVD
added 2026/03/12 4:16 p.m.5 views

CVE-2019-25525

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

9.1CVSS0.00409EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.3 views

CVE-2019-25525

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

8.8CVSS5.9AI score0.00409EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25525 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

8.8CVSS5.9AI score0.00409EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.25 views

CVE-2019-25525 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

8.8CVSS0.00409EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25525

CVE-2019-25525 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the guests parameter that can be exploited via POST to the search/rentals endpoint, enabling unauthenticated attackers to bypass authentication and potentially extract or modify data. The provid...

9.1CVSS5.9AI score0.00409EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-24985

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to...

8.8CVSS5.9AI score0.00409EPSS
Exploits1References3
WPVulnDB
WPVulnDB
added 2026/01/05 12:0 a.m.7 views

6Storage Rentals <= 2.20.0 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The 6Storage Rentals plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from...

9.1CVSS5.7AI score0.00163EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/30 12:0 a.m.4 views

WordPress 6Storage Rentals plugin server-side request forgery vulnerability

WordPress 6Storage Rentals plugin is a plugin designed for WordPress websites, designed to help webmasters easily manage the rental booking process for storage facilities. WordPress 6Storage Rentals plugin suffers from a server-side request forgery vulnerability, which stems from the server not...

9.1CVSS7.2AI score0.00163EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-67623

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

5.4CVSS5.7AI score0.00163EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.3 views

EUVD-2025-205282

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.19.9...

9.1CVSS6.5AI score0.00163EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.5 views

CVE-2025-67623

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

5.4CVSS0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.5 views

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

5.4CVSS5.1AI score0.00163EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 1:10 p.m.28 views

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

5.4CVSS0.00163EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 1:10 p.m.11 views

CVE-2025-67623

CVE-2025-67623 is a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin 6Storage Rentals (6storage-rentals). Affected: 6Storage Rentals versions up to 2.22.0 (per NVD/CNVD/Red Hat and CVE listings). Root cause: inadequate validation/authentication enabling SSRF to internal re...

5.4CVSS5.7AI score0.00163EPSS
Exploits0References1
Rows per page
Query Builder