Lucene search
+L

162 matches found

NVD
NVD
added 2025/01/02 12:15 p.m.19 views

CVE-2023-47693

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.2.6...

7.5CVSS0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 p.m.10 views

CVE-2023-47693 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.2.6...

7.5CVSS7.3AI score0.0051EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-1546 · WordPress · Themefic Ultimate Addons For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Themefic Ultimate Addons for Contact Form 7 versions 3.2.6 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations:...

7.5CVSS8.7AI score0.0051EPSS
Exploits0References3
NVD
NVD
added 2024/04/15 9:15 a.m.14 views

CVE-2024-32433

Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...

4.3CVSS4.6AI score0.00216EPSS
Exploits0References2
CVE
CVE
added 2024/04/15 8:38 a.m.60 views

CVE-2024-32433

CVE-2024-32433 is a Cross-Site Request Forgery vulnerability in the BEAF (Ultimate Before After Image Slider & Gallery) WordPress plugin, affecting BEAF versions up to 4.5.4. The vulnerability is described as a CSRF that can affect the notice dismissal flow, enabling an attacker to cause a logged...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/15 8:38 a.m.30 views

CVE-2024-32433 WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...

4.3CVSS4.9AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 8:38 a.m.17 views

CVE-2024-32433 WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...

4.3CVSS5.1AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.5 views

PT-2024-24563 · Unknown · Themefic Beaf

Name of the Vulnerable Software and Affected Versions: Themefic BEAF versions through 4.5.4 Description: A Cross-Site Request Forgery CSRF issue affects Themefic BEAF, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For versions through...

4.3CVSS6.7AI score0.00216EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.10 views

WordPress BEAF Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software BEAF Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32433 Patch priority Low CVSS severity Low 4.3 Developer Themefic PSID 289a94720dc1 Credits Dhabaleshwar Das Required privilege...

4.3CVSS6.6AI score0.00216EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/19 2:15 p.m.11 views

CVE-2024-29137

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...

7.1CVSS6.9AI score0.00622EPSS
Exploits0References2
OSV
OSV
added 2024/03/19 2:15 p.m.5 views

CVE-2024-29137

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic allows Reflected XSS.This issue affects Tourfic: from n/a through 2.11.7...

6.1CVSS5.8AI score0.00622EPSS
Exploits0References1
OSV
OSV
added 2024/03/19 2:15 p.m.2 views

CVE-2024-29136

Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic: from n/a through 2.11.17...

8.8CVSS5.8AI score0.00632EPSS
Exploits0References1
NVD
NVD
added 2024/03/19 2:15 p.m.16 views

CVE-2024-29136

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

8.8CVSS8.5AI score0.00632EPSS
Exploits0References2
OSV
OSV
added 2024/03/19 2:15 p.m.2 views

CVE-2024-29134

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic allows Stored XSS.This issue affects Tourfic: from n/a through 2.11.8...

5.4CVSS5.8AI score0.00343EPSS
Exploits0References1
NVD
NVD
added 2024/03/19 2:15 p.m.18 views

CVE-2024-29134

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS6.4AI score0.00343EPSS
Exploits0References2
CVE
CVE
added 2024/03/19 1:52 p.m.65 views

CVE-2024-29134

CVE-2024-29134 affects the Tourfic WordPress plugin (versions up to 2.11.8). It is a Stored XSS due to improper neutralization of input during web page generation. The issue is fixed in Tourfic 2.11.9; administrators should upgrade to the fixed version to mitigate the vulnerability. The connected...

6.5CVSS7.2AI score0.00343EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/19 1:52 p.m.30 views

CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS6.6AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 1:52 p.m.11 views

CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS7.2AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 1:48 p.m.20 views

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

8.5CVSS7.2AI score0.00632EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/19 1:48 p.m.26 views

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

8.5CVSS8.7AI score0.00632EPSS
Exploits0References1
Rows per page
Query Builder