73 matches found
CVE-2026-57749
Contributor Local File Inclusion in SportsPress Pro = 2.7.29 versions...
CVE-2026-57749 WordPress SportsPress Pro plugin <= 2.7.29 - Local File Inclusion vulnerability
Contributor Local File Inclusion in SportsPress Pro = 2.7.29 versions...
CVE-2026-57749
CVE-2026-57749 is a Local File Inclusion vulnerability in the WordPress SportsPress Pro plugin, affecting versions up to and including 2.7.29. The issue is documented across multiple feeds (NVD, CVE List, CIRCL, AttackersKB, EUVD, etc.). The reported CVSS v3.1 metrics indicate a high overall impa...
WordPress SportsPress Pro plugin <= 2.7.29 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by w41bu1 in WordPress Plugin SportsPress Pro versions = 2.7.29...
PT-2026-55037
Name of the Vulnerable Software and Affected Versions SportsPress Pro versions 2.7.29 and earlier Description A Local File Inclusion LFI issue exists where users with Contributor privileges can read local files on the server. Local File Inclusion is a vulnerability that allows an attacker to indu...
Exploit for CVE-2025-15368
CVE-2025-15368 Exploit Tool SportsPress Plugin for WordPres...
CVE-2025-15368
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...
CVE-2025-15368
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...
CVE-2025-15368 SportsPress <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...
CVE-2025-15368
Vulnerability summary (CVE-2025-15368) : The SportsPress WordPress plugin (versions up to 2.7.26) is vulnerable to Local File Inclusion via the shortcodes’ template_name attribute. Authenticated attackers with contributor-level permissions or higher can include and execute arbitrary server files,...
CVE-2025-15368 SportsPress <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...
EUVD-2025-206819
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...
WordPress plugin SportsPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress SportsPress plugin <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability
Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin SportsPress – Sports Club & League Manager versions = 2.7.26...
CVE-2024-34824
Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club & League Manager: from n/a through 2.7.20...
EUVD-2020-6100
Malware in sbrugna...
EUVD-2024-35089
Malicious code in bioql PyPI...
EUVD-2024-32552
Malicious code in bioql PyPI...
EUVD-2024-16946
Malicious code in bioql PyPI...
CVE-2024-1178
The SportsPress – Sports Club & League Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to update the...