
12 matches found

RedhatCVE
added 2025/05/23 8:14 a.m. | 5 views

CVE-2024-9583

The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprssajaxsendpremiumsupport function in all versions up to, and including, 4.23.12. This makes it possible f...

5.4 CVSS | 4.9 AI score | 0.004 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 10:9 a.m. | 4 views

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

9.8 CVSS | 6.9 AI score | 0.01771 EPSS
Exploits 1 | References 1
Github Security Blog
added 2024/07/11 1:21 p.m. | 15 views

Wagtail regular expression denial-of-service via search query parsing

Impact: A bug in Wagtail's parse_query_string would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, parse_query_string would take an unexpectedly large amount of time to process, resulting in a denial of...

6.5 CVSS | 5.4 AI score | 0.0061 EPSS
Exploits 0 | References 7 | Affected Software 1
CISA KEV Catalog
added 2024/03/26 12:0 a.m. | 47 views

Microsoft SharePoint Server Code Injection Vulnerability

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely...

7.2 CVSS | 7.3 AI score | 0.85395 EPSS
In wild | Exploits 7
VulnCheck KEV
added 2024/03/26 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2023-24955

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely...

7.2 CVSS | 7 AI score | 0.85395 EPSS
Exploits 7 | References 1
Positive Technologies
added 2023/05/09 12:0 a.m. | 5 views

PT-2023-2720

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server (affected versions not specified). Description: The issue is related to a remote code execution vulnerability in Microsoft SharePoint Server. This vulnerability allows an authenticated attacker with Site Owner privilege...

8.3 CVSS | 7.8 AI score | 0.85395 EPSS
Exploits 7 | References 115
Cvelist
added 2023/04/03 4:41 p.m. | 42 views

CVE-2023-28837 Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files

Wagtail is an open source content management system built on Django. Prior to versions 4.1.4 and 4.2.2, a memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A use...

4.9 CVSS | 5.4 AI score | 0.0107 EPSS
Exploits 0 | References 8
Wordfence Blog
added 2022/06/01 2:51 p.m. | 15 views

The Cybersecurity CIA Triad: What You Need to Know as a WordPress Site Owner

One of the core concepts of cybersecurity is known as the CIA Triad. There are three pillars to the triad, with each pillar being designed to address an aspect of securing data. These three pillars are Confidentiality, Integrity, and Availability. The Confidentiality pillar is intended to prevent...

0.5 AI score
Exploits 0
Cvelist
added 2021/10/04 1:40 p.m. | 17 views

CVE-2021-37777

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible to another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure...

7.5 AI score | 0.01648 EPSS
Exploits 1 | References 1
CVE
added 2020/07/20 5:50 p.m. | 81 views

CVE-2020-15118

CVE-2020-15118 affects Wagtail versions before 2.7.4 and 2.9.3, where HTML in form field help_text can be rendered unescaped when using Django form rendering helpers (e.g., form.as_p). This enables potential cross-site scripting via editor-controlled help text. Patches are available: Wagtail 2.7....

5.7 CVSS | 5.4 AI score | 0.01083 EPSS
Exploits 0 | References 5 | Affected Software 1
seebug.org
added 2014/07/01 12:0 a.m. | 25 views

Wordpress WP-SendSMS Plugin 1.0 - Multiple Vulnerabilities

No description provided by source. blackpentesters.blogspot.com...

7.1 AI score
Exploits 0
securityvulns
added 2005/02/17 12:0 a.m. | 23 views

[SA14263] Siteman Site Owner Registration Security Bypass Vulnerability

TITLE: Siteman Site Owner Registration Security Bypass Vulnerability
SECUNIA ADVISORY ID: SA14263
VERIFY ADVISORY: http://secunia.com/advisories/14263/
CRITICAL: Moderately critical
IMPACT: Security Bypass
WHERE: From remote
SOFTWARE: Siteman 1.x http://secunia.com/product/4655/
DESCRIPTION: A...

0.9 AI score
Exploits 0