Lucene search
K

12 matches found

CVE
CVE
added 2026/03/10 9:25 a.m.14 views

CVE-2026-1261

MetForm Pro

7.2CVSS5.9AI score0.00308EPSS
Exploits0References5
Wordfence Blog
Wordfence Blog
added 2026/03/09 5:13 p.m.11 views

30,000 WordPress Sites Affected by Authentication Bypass Vulnerability in Tutor LMS Pro WordPress Plugin

On December 30th, 2025, we received a submission for an Authentication Bypass vulnerability in Tutor LMS Pro, a WordPress plugin estimated to have more than 30,000 active installations. The vulnerability makes it possible for an unauthenticated attacker to gain access to any account on a site...

9.8CVSS7AI score0.00655EPSS
Exploits0
OSV
OSV
added 2025/12/16 9:16 a.m.6 views

CVE-2025-68062

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through = 3.9.6...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 8:13 a.m.10 views

CVE-2025-68062

CVE-2025-68062 — WordPress MinimogWP theme <= 3.9.6 suffers an improper filename handling vulnerability allowing PHP Local File Inclusion via Include/Require in the PHP program (PHP Remote File Inclusion). The issue is classified as a high-severity vulnerability (CVSS v3.1 base score 7.5) with...

7.5CVSS6.7AI score0.00306EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

WordPress plugin MinimogWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.5CVSS6.4AI score0.00306EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/06 12:0 a.m.4 views

PT-2024-21664 · Unknown · Notes Station 3

Name of the Vulnerable Software and Affected Versions: Notes Station 3 versions prior to 3.9.6 Description: A cross-site scripting XSS vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network...

6.3CVSS5.9AI score0.00248EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/14 12:0 a.m.5 views

WordPress Plugin MStore API 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

4.3CVSS6.1AI score0.00316EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/09 12:0 a.m.6 views

WordPress plugin WP Shop 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.1CVSS8.2AI score0.00721EPSS
Exploits0References3
OSV
OSV
added 2022/02/12 12:0 a.m.4 views

GHSA-6PW2-5HJV-9PF7 Sandbox bypass in vm2

The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine...

9.8CVSS7.6AI score0.02876EPSS
Exploits1References4
OSV
OSV
added 2021/10/11 1:15 p.m.3 views

CVE-2021-29005

Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server...

8.8CVSS5.8AI score0.01827EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/05/10 12:0 a.m.5 views

PT-2021-3113 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.5 to 3.5.17 Moodle versions 3.8 to 3.8.8 Moodle versions 3.9 to 3.9.6 Moodle versions 3.10 to 3.10.3 Description: The issue exists due to insufficient input validation in the virtual learning environment. This allows a remot...

9.8CVSS6.3AI score0.52299EPSS
Exploits19References103
ATTACKERKB
ATTACKERKB
added 2007/02/07 11:28 a.m.4 views

CVE-2007-0818

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0396. Reason: This candidate is a duplicate of CVE-2007-0396. Notes: All CVE users should reference CVE-2007-0396 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.1CVSS5.9AI score0.0221EPSS
Exploits0References1
Rows per page
Query Builder