Lucene search
K

22 matches found

ICS
ICS
added 2026/06/23 6:0 a.m.15 views

Hubbell Aclara Metrum Cellular Web Interface

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow attackers to manipulate critical device settings and repeatedly disrupt operations, potentially causing a loss of communications to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.7CVSS5.9AI score0.00726EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/10/25 6:49 a.m.14 views

CVE-2025-11497 Advanced Database Cleaner <= 3.1.6 - Cross-Site Request Forgery to Settings Manipulation

The Advanced Database Cleaner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.6. This is due to missing or incorrect nonce validation on the aDBcprepareelementstoclean function. This makes it possible for unauthenticated attackers to alte...

4.3CVSS0.00208EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/02 8:24 p.m.11 views

CVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...

8CVSS6.2AI score0.0026EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/26 9:50 p.m.4 views

WordPress School Management System – SakolaWP plugin <= 1.0.8 - Cross-Site Request Forgery to Exam Setting Manipulation vulnerability

Cross-Site Request Forgery to Exam Setting Manipulation vulnerability discovered by Dhabaleshwar Das in WordPress Plugin School Management System – SakolaWP versions = 1.0.8...

4.3CVSS7AI score0.0016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/18 7:38 a.m.34 views

CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...

7.5CVSS7.5AI score0.0123EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/26 5:31 p.m.33 views

CVE-2023-5796 CodeAstro POS System Logo setting unrestricted upload

A vulnerability was found in CodeAstro POS System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /setting of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

6.5CVSS8.9AI score0.00714EPSS
Exploits1References3
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.15 views

TinyMCE Custom Styles < 1.1.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to "Settings" » "TinyMCE Custom Styles"...

4.8CVSS5.4AI score0.00451EPSS
Exploits2Affected Software1
NVD
NVD
added 2021/09/23 12:15 p.m.24 views

CVE-2021-22011

vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation...

5.3CVSS0.01057EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.14 views

LiveOptim 1.1.3 - Configuration Setting Manipulation CSRF

The SEO Plugin LiveOptim WordPress plugin was affected by a Configuration Setting Manipulation CSRF security vulnerability...

6.8CVSS2.3AI score0.01081EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.21 views

Twitget 3.3.1 - twitget.php Twitter Setting Manipulation CSRF

The Twitget WordPress plugin was affected by a twitget.php Twitter Setting Manipulation CSRF security vulnerability...

6.8CVSS2.1AI score0.03285EPSS
Exploits6References3Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.10 views

IndiaNIC FAQs Manager 1.0 - FAQ Setting Manipulation CSRF

The faqs-manager WordPress plugin was affected by a FAQ Setting Manipulation CSRF security vulnerability...

3.1AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.26 views

SexyBookmarks - Setting Manipulation CSRF

The sexybookmarks WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2.1AI score0.01085EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.15 views

IndiaNIC Testimonial 2.2 - Setting Manipulation CSRF

The Testimonial WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2.9AI score0.03154EPSS
Exploits1References3Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.12 views

Stream Video Player <= 1.4.0 - Setting Manipulation CSRF

The Stream Video Player WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2.5AI score0.0097EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.20 views

qTranslate 2.5.34 - Setting Manipulation CSRF

The qtranslate WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2.5AI score0.0097EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.17 views

WP Maintenance Mode 1.8.7 - Setting Manipulation CSRF

The WP Maintenance Mode WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2AI score0.00952EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.17 views

WP-Print 2.51 - Setting Manipulation CSRF

The WP-Print WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

6.8CVSS2.4AI score0.01076EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.7 views

FunCaptcha 0.3.2- Setting Manipulation CSRF

The funcaptcha WordPress plugin was affected by security vulnerability...

2.3AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.7 views

Top 10 <= 1.9.2 - Setting Manipulation CSRF

The Top 10 – Popular posts plugin for WordPress WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

1.8AI score
Exploits0Affected Software1
0day.today
0day.today
added 2014/03/08 12:0 a.m.40 views

Huawei E5331 MiFi Unauthenticated Access / Setting Manipulation

Huawei E5331 MiFi mobile hotspot version 21.344.11.00.414 suffers from unauthenticated access and setting manipulation vulnerabilities. ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobil...

7.3AI score
Exploits0
Rows per page
Query Builder