13 matches found
EUVD-2025-29695
Malicious code in bioql PyPI...
CVE-2025-9216
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2025-9215
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.0 via the filedownload function. This makes it possible for authenticated attackers, with...
WordPress StoreEngine plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress StoreEngine plugin, which stems from a path traversal issue in the filedownload function. An attacker can exploit this...
CVE-2025-9216
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2025-9216 StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Upload
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2025-9216 StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Upload
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2025-9215 StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Download
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.0 via the filedownload function. This makes it possible for authenticated attackers, with...
CVE-2025-9215
CVE-2025-9215 – StoreEngine WordPress plugin is affected up to version 1.5.0 by a path traversal vulnerability in the file_download() function. The issue allows authenticated users with Subscriber-level access or higher to read arbitrary server files containing sensitive information. Public CVE r...
WordPress StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Download vulnerability
Authenticated Subscriber+ Arbitrary File Download vulnerability discovered by Ryan Kozak in WordPress Plugin StoreEngine versions = 1.5.0...
WordPress plugin StoreEngine 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
Exploit for CVE-2025-9216
StoreEngine – Powerful WordPress eCommerce Plugin for Payments...
Exploit for CVE-2025-9215
StoreEngine Powerful WordPress eCommerce Plugin for Payments,...