Lucene search
+L

162 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-3848

Malicious code in bioql PyPI...

9.1CVSS8.9AI score0.00615EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/30 9:31 p.m.11 views

WordPress Ultra Addons for Contact Form 7 plugin <= 3.5.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via UACF7_CUSTOM_FIELDS Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via UACF7CUSTOMFIELDS Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin Ultimate Addons for Contact Form 7 versions = 3.5.21...

6.4CVSS5.5AI score0.00204EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/26 1:44 a.m.10 views

WordPress Ultra Addons for Contact Form 7 plugin 3.5.11-3.5.19 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Sy5temFr4cture in WordPress Plugin Ultimate Addons for Contact Form 7 versions 3.5.11-3.5.19...

7.2CVSS5.5AI score0.00257EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/18 8:6 a.m.20 views

WordPress Ultimate Addons for Contact Form 7 plugin <= 3.5.12 - Authenticated (Administrator+) Arbitrary File Upload via 'save_options' vulnerability

Authenticated Administrator+ Arbitrary File Upload via 'saveoptions' vulnerability discovered by Ryan Kozak in WordPress Plugin Ultimate Addons for Contact Form 7 versions = 3.5.12...

7.2CVSS6.7AI score0.00926EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/08 1:18 p.m.7 views

CVE-2025-49323

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.10...

8.5CVSS5.9AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.9 views

CVE-2025-49323

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.10...

8.5CVSS0.00275EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.51 views

CVE-2025-49323

CVE-2025-49323 affects Hydra Booking (Themefic) for WordPress. The issue is an authenticated SQL injection in Hydra Booking

8.5CVSS5.9AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.9 views

CVE-2025-49323 WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.10...

8.5CVSS5.6AI score0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.21 views

CVE-2025-49323 WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.10...

8.5CVSS0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.8 views

PT-2025-24247 · Unknown · Themefic Hydra Booking

Name of the Vulnerable Software and Affected Versions: Themefic Hydra Booking versions 1.1.10 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

8.5CVSS8.6AI score0.00275EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:14 a.m.8 views

CVE-2024-32433

Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:56 a.m.8 views

CVE-2024-29134

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS7.2AI score0.00343EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.6 views

CVE-2023-30493

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin = 3.2.0 versions...

7.1CVSS5.8AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.6 views

CVE-2023-30495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Ultimate Addons for Contact Form 7.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.1.23...

8.5CVSS8.6AI score0.00625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.5 views

CVE-2023-47693

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.2.6...

7.5CVSS7.3AI score0.0051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:25 p.m.18 views

CVE-2025-47550

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio instantio allows Upload a Web Shell to a Web Server.This issue affects Instantio: from n/a through = 3.3.16...

7.2CVSS7.2AI score0.00377EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:24 p.m.16 views

CVE-2025-47549

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through = 4.6.10...

9.1CVSS7.2AI score0.00443EPSS
Exploits1References1
NVD
NVD
added 2025/05/07 3:16 p.m.19 views

CVE-2025-47550

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio instantio allows Upload a Web Shell to a Web Server.This issue affects Instantio: from n/a through = 3.3.16...

7.2CVSS0.00377EPSS
Exploits1References1
OSV
OSV
added 2025/05/07 3:16 p.m.7 views

CVE-2025-47550

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through 3.3.16...

7.2CVSS5.8AI score0.00377EPSS
Exploits1References3
NVD
NVD
added 2025/05/07 3:16 p.m.18 views

CVE-2025-47549

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through = 4.6.10...

9.1CVSS0.00443EPSS
Exploits1References1
Rows per page
Query Builder