Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/22 3:31 p.m.4 views

EUVD-2025-35402

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through = 1.4.3...

6.4AI score0.00464EPSS
Exploits0References2
OSV
OSV
added 2025/10/22 3:15 p.m.2 views

CVE-2025-60227

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through = 1.4.3...

8.6CVSS5.8AI score0.00464EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24733

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.4 views

CVE-2025-28977

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3...

7.1CVSS0.00221EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.21 views

CVE-2025-28979

CVE-2025-28979 concerns the WordPress plugin WP Pipes (version <= 1.4.3). The flaw is an improper control of the filename for include/require statements, enabling Local File Inclusion (LFI). Multiple sources (NVD, Red Hat advisory, CVE lists, Patchstack) confirm WP Pipes

9.8CVSS5.3AI score0.00354EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/07/16 12:15 p.m.2 views

CVE-2025-28982

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3...

9.8CVSS5.8AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2023/03/29 7:15 p.m.2 views

CVE-2022-45355

Auth. admin+ SQL Injection SQLi vulnerability in ThimPress WP Pipes plugin = 1.33 versions...

7.2CVSS5.8AI score0.00628EPSS
Exploits0References1
Rows per page
Query Builder