Lucene search
K

13 matches found

Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57658 WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability

Administrator Arbitrary File Upload in TemplateSpare = 4.2.0 versions...

9.1CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 6 days ago15 views

CVE-2026-57658

CVE-2026-57658 concerns the WordPress TemplateSpare plugin, specifically versions

9.1CVSS5.8AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-39663

Administrator Arbitrary File Upload in TemplateSpare = 4.2.0 versions...

9.1CVSS5.8AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 6 days ago6 views

WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin TemplateSpare versions = 4.2.0...

9.1CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-52828

Name of the Vulnerable Software and Affected Versions TemplateSpare versions 4.2.0 and earlier Description An issue allows an administrator to perform an arbitrary file upload. This means a user with high privileges can upload files of any type to the server, which could potentially lead to remot...

9.1CVSS6.1AI score0.00278EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/05 2:33 a.m.4 views

WordPress TemplateSpare plugin <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme Update vulnerability

Missing Authorization to Authenticated Subscriber+ Theme Update vulnerability discovered by Lucio Sá in WordPress Plugin TemplateSpare versions = 2.4.2...

5.4CVSS7AI score0.00328EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/05 12:0 a.m.13 views

WordPress TemplateSpare Plugin <= 2.4.2 is vulnerable to Broken Access Control

Software TemplateSpare Type Plugin Vulnerable versions = 2.4.2 Fixed in 2.4.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6872 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 61e41ef1fa5e Credits Lucio Sá Required privilege...

5.4CVSS6.6AI score0.00328EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/08/03 12:15 p.m.5 views

CVE-2024-6872

The Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

5.4CVSS5.6AI score
Exploits0References4
NVD
NVD
added 2024/08/03 12:15 p.m.25 views

CVE-2024-6872

The Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

5.4CVSS0.00328EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/03 11:37 a.m.30 views

CVE-2024-6872 Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme Update

The Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

4.3CVSS0.00328EPSS
Exploits0References4
CVE
CVE
added 2024/08/03 11:37 a.m.35 views

CVE-2024-6872

The CVE-2024-6872 entry concerns the WordPress TemplateSpare plugin (≤ 2.4.2). Root cause: missing capability checks in templatespare_activate_required_theme and templatespare_get_theme_status allow authenticated users with Subscriber+ privileges to activate any installed theme and read theme sta...

5.4CVSS4.3AI score0.00328EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/03 12:0 a.m.4 views

PT-2024-37918 · WordPress · Templatespare

Name of the Vulnerable Software and Affected Versions: TemplateSpare plugin for WordPress versions up to, and including, 2.4.2 Description: The TemplateSpare plugin for WordPress has an issue due to a missing capability check on the templatespare activate required theme and templatespare get them...

5.4CVSS7AI score0.00328EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/08/03 12:0 a.m.3 views

WordPress plugin TemplateSpare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.2AI score0.00328EPSS
Exploits0References5
Rows per page
Query Builder