Lucene search
K

4 matches found

CVE
CVE
added yesterday8 views

CVE-2026-50280

Craft CMS contains an authorization bypass in the entries/move-to-section endpoint (EntriesController::actionMoveToSection). In versions 5.0.0-RC1 through below 5.9.21, destination section gate relies only on viewEntries:$section->uid instead of requiring saveEntries permission; source entry p...

6CVSS5.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-1712

Name of the Vulnerable Software and Affected Versions WP Table Builder – Drag & Drop Table Builder plugin for WordPress versions up to and including 2.0.19 Description The WP Table Builder – Drag & Drop Table Builder plugin for WordPress has a flaw where data can be modified without proper...

4.3CVSS6.3AI score0.00242EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.5 views

PT-2024-18137 · WordPress · Redirects Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: The Redirects plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to a missing capability check on the save function, allowing unauthorized modification of data. This could enable unauthenticated...

6.5CVSS7AI score0.0053EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/09 12:0 a.m.4 views

WordPress Plugin WPCS – WordPress Currency Switcher Professional 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WPCS - A...

4.3CVSS6.4AI score0.00409EPSS
Exploits0References3
Rows per page
Query Builder