Lucene search
K

73 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57749

Contributor Local File Inclusion in SportsPress Pro = 2.7.29 versions...

7.5CVSS0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.37 views

CVE-2026-57749 WordPress SportsPress Pro plugin <= 2.7.29 - Local File Inclusion vulnerability

Contributor Local File Inclusion in SportsPress Pro = 2.7.29 versions...

7.5CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.13 views

CVE-2026-57749

CVE-2026-57749 is a Local File Inclusion vulnerability in the WordPress SportsPress Pro plugin, affecting versions up to and including 2.7.29. The issue is documented across multiple feeds (NVD, CVE List, CIRCL, AttackersKB, EUVD, etc.). The reported CVSS v3.1 metrics indicate a high overall impa...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 8:9 a.m.6 views

WordPress SportsPress Pro plugin <= 2.7.29 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by w41bu1 in WordPress Plugin SportsPress Pro versions = 2.7.29...

7.5CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.8 views

PT-2026-55037

Name of the Vulnerable Software and Affected Versions SportsPress Pro versions 2.7.29 and earlier Description A Local File Inclusion LFI issue exists where users with Contributor privileges can read local files on the server. Local File Inclusion is a vulnerability that allows an attacker to indu...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/02/10 11:45 p.m.151 views

Exploit for CVE-2025-15368

CVE-2025-15368 Exploit Tool SportsPress Plugin for WordPres...

8.8CVSS6.1AI score0.0075EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/02/05 7:23 p.m.11 views

CVE-2025-15368

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...

8.8CVSS6.5AI score0.0075EPSS
Exploits1References1
NVD
NVD
added 2026/02/04 2:16 p.m.12 views

CVE-2025-15368

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...

8.8CVSS0.0075EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/04 1:24 p.m.6 views

CVE-2025-15368 SportsPress <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...

8.8CVSS6.5AI score0.0075EPSS
Exploits1References5
CVE
CVE
added 2026/02/04 1:24 p.m.29 views

CVE-2025-15368

Vulnerability summary (CVE-2025-15368) : The SportsPress WordPress plugin (versions up to 2.7.26) is vulnerable to Local File Inclusion via the shortcodes’ template_name attribute. Authenticated attackers with contributor-level permissions or higher can include and execute arbitrary server files,...

8.8CVSS6.5AI score0.0075EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/04 1:24 p.m.35 views

CVE-2025-15368 SportsPress <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...

8.8CVSS0.0075EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/04 1:24 p.m.9 views

EUVD-2025-206819

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'templatename' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files...

8.8CVSS6.5AI score0.0075EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.15 views

WordPress plugin SportsPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6.1AI score0.0075EPSS
Exploits1References5
Patchstack
Patchstack
added 2026/02/03 11:44 p.m.11 views

WordPress SportsPress plugin <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability

Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin SportsPress – Sports Club & League Manager versions = 2.7.26...

8.8CVSS5.3AI score0.0075EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.7 views

CVE-2024-34824

Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club & League Manager: from n/a through 2.7.20...

6.3CVSS6.9AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6100

Malware in sbrugna...

5.4CVSS5.5AI score0.00696EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-35089

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32552

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00415EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16946

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00431EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:40 a.m.9 views

CVE-2024-1178

The SportsPress – Sports Club & League Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to update the...

5.3CVSS6.7AI score0.00431EPSS
Exploits0References1
Rows per page
Query Builder