Lucene search
K

6 matches found

Patchstack
Patchstack
added 2026/07/02 7:11 a.m.9 views

WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - Unauthenticated Arbitrary File Read vulnerability

WordPress Ninja Forms - File Uploads plugin = 3.3.29 - Unauthenticated Arbitrary File Read vulnerability discovered by daroo in WordPress Plugin Ninja Forms File Uploads Extension versions = 3.3.29...

7.5CVSS5.8AI score0.00522EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/15 11:5 p.m.8 views

WordPress Kalium plugin <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request vulnerability

Missing Authorization to Unauthenticated Mail Relay via kaliumvccontactformrequest vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Kalium versions = 3.29...

5.3CVSS7AI score0.00227EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/15 1:23 p.m.4 views

CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request

The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...

5.3CVSS5.2AI score0.00227EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/12/30 3:55 p.m.4 views

CVE-2025-14177 affecting package php for versions less than 8.3.29-1

CVE-2025-14177 affecting package php for versions less than 8.3.29-1. A patched version of the package is available...

7.5CVSS5.9AI score0.00474EPSS
Exploits3
Cvelist
Cvelist
added 2025/10/18 5:41 a.m.10 views

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS0.00375EPSS
Exploits0References3
OSV
OSV
added 2019/06/12 2:29 p.m.2 views

DEBIAN-CVE-2019-10155

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...

3.1CVSS4.3AI score0.00512EPSS
Exploits0References1
Rows per page
Query Builder