Lucene search
K

2037 matches found

NVD
NVD
added 2026/04/08 9:16 a.m.7 views

CVE-2026-39620

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through = 3.5.5...

9.6CVSS0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.5 views

CVE-2026-39619

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through = 2.5.2...

9.6CVSS0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.8 views

CVE-2026-39621 WordPress SpicePress theme <= 2.3.2.5 - CSRF to Arbitrary Plugin Installation vulnerability

Cross-Site Request Forgery CSRF vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects SpicePress: from n/a through = 2.3.2.5...

8.8CVSS5.2AI score0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39620 WordPress Appointment theme <= 3.5.5 - Cross Site Request Forgery (CSRF) to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through = 3.5.5...

5.8AI score0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.4 views

CVE-2026-39620

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through = 3.5.5...

5.9AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 8:30 a.m.11 views

CVE-2026-39621

The CVE-2026-39621 entry describes a CSRF vulnerability in the spicethemes SpicePress WordPress theme, affecting versions up to and including 2.3.2.5. The issue permits a CSRF that may enable an attacker to upload a web shell to the target server, enabling arbitrary plugin installation via a craf...

8.8CVSS5.9AI score0.00143EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.22 views

CVE-2026-39621 WordPress SpicePress theme <= 2.3.2.5 - CSRF to Arbitrary Plugin Installation vulnerability

Cross-Site Request Forgery CSRF vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects SpicePress: from n/a through = 2.3.2.5...

8.8CVSS0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39621

Cross-Site Request Forgery CSRF vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects SpicePress: from n/a through = 2.3.2.5...

5.9AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 8:30 a.m.16 views

CVE-2026-39620

CVE-2026-39620 is a CSRF vulnerability in the WordPress Appointment theme (

9.6CVSS5.9AI score0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.3 views

CVE-2026-39619

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through = 2.5.2...

5.9AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 8:30 a.m.7 views

EUVD-2026-20261

Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through = 2.5.2...

5.9AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31185

CVE-2026-39620 Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: f… https://t.co/a67ww7zLp8...

5.8AI score0.00143EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.12 views

PT-2026-31184

CVE-2026-39619 Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a t… https://t.co/PP035okJ62...

9.6CVSS5.8AI score0.00143EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/03/31 12:10 p.m.205 views

Exploit for Missing Authentication for Critical Function in Projectsend

ProjectSend CVE-2024-11680 Exploit This is a proof-of-concept...

9.8CVSS7.9AI score0.91559EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/03/27 6:0 a.m.130 views

Exploit for CVE-2026-3891

CVE-2026-3891 Pix for WooCommerce = 1.5.0 - Unauthenticate...

9.8CVSS5.8AI score0.00845EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.11 views

PT-2026-28038

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

5.8AI score0.00332EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 8:41 a.m.3 views

CVE-2026-27067 WordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1...

9.1CVSS5.8AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:55 a.m.7 views

CVE-2025-68553

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through 2.0.1...

9.9CVSS5.8AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:53 a.m.7 views

CVE-2026-28114

Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License Manager fs-license-manager allows Upload a Web Shell to a Web Server.This issue affects WooCommerce License Manager: from n/a through = 7.0.6...

9.1CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.32 views

CVE-2026-28133 WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through = 1.2.14...

8.5CVSS0.00212EPSS
Exploits0References1
Rows per page
Query Builder