Lucene search
K

15 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.4 views

CVE-2026-28093

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Ozisti ozisti allows PHP Local File Inclusion.This issue affects Ozisti: from n/a through = 1.1.10...

5.9AI score0.00403EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/02 8:31 a.m.6 views

WordPress HelloAsso plugin <= 1.1.10 - Missing Authorization to Authenticated (Contributor+) Limited Options Update vulnerability

Missing Authorization to Authenticated Contributor+ Limited Options Update vulnerability discovered by Peter Thaleikis in WordPress Plugin HelloAsso versions = 1.1.10...

4.3CVSS5.3AI score0.00427EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/01/10 3:15 p.m.5 views

CVE-2026-0824

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS3.6AI score
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/01/10 2:32 p.m.3 views

CVE-2026-0824 questdb ui Web Console cross site scripting

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS5.3AI score0.00242EPSS
Exploits0References9
Patchstack
Patchstack
added 2025/12/31 4:19 p.m.8 views

WordPress Order Cancellation & Returns for WooCommerce plugin <= 1.1.10 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by powpy in WordPress Plugin Order Cancellation & Returns for WooCommerce versions = 1.1.11...

4.3CVSS5.5AI score0.00221EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/12/12 3:20 a.m.15 views

CVE-2025-13440

CVE-2025-13440 affects Premmerce Wishlist for WooCommerce (WordPress). The flaw is Missing Authorization via deleteWishlist(), allowing authenticated users with Subscriber+ access to delete arbitrary wishlists in versions up to 1.1.10. Root cause: missing capability check in the deleteWishlist() ...

5.3CVSS5AI score0.00286EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.2 views

CVE-2025-13440 Premmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist Deletion

The Premmerce Wishlist for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.10. This is due to a missing capability check on the deleteWishlist function. This makes it possible for authenticated attackers, with Subscriber-level acce...

5.3CVSS5AI score0.00286EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/07 5:33 p.m.6 views

CVE-2025-60191

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a throug...

7.5CVSS7.1AI score0.0042EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 8:38 a.m.26 views

CVE-2025-64285

CVE-2025-64285 affects the WordPress plugin Premmerce Wholesale Pricing for WooCommerce (versions through 1.1.10). Root cause: missing authorization due to incorrectly configured access control security levels, enabling potential unauthorized access. Impact: broken access control could allow priv...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 8:38 a.m.3 views

CVE-2025-64285 WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through = 1.1.10...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.4 views

EUVD-2025-35553

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.10...

6.5CVSS7.1AI score0.00397EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/06/12 2:15 p.m.6 views

WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Hydra Booking versions = 1.1.10...

8.5CVSS8.1AI score0.00397EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/18 6:7 p.m.4 views

WordPress Replace Image plugin <= 1.1.10 - Authenticated Insecure Direct Object Reference vulnerability

Authenticated Insecure Direct Object Reference vulnerability discovered by Jin Hao Chan in WordPress Plugin Replace Image versions = 1.1.10...

4.3CVSS7AI score0.00346EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/09/21 8:15 p.m.5 views

CVE-2022-36365

Multiple Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerabilities in WHA Crossword plugin = 1.1.10 at WordPress...

5.4CVSS5.8AI score0.00568EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/07/29 12:0 a.m.43 views

VLC Media Player '.RM' File BOF Vulnerability (Windows)

The host is installed with VLC Media Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodvlcmediaplayerrmbofvulnwin.nasl 8174 2017-12-19 12:23:25Z cfischer $ VLC Media Player '.RM' File BOF Vulnerability Windows Authors: Madhuri D Copyright: Copyright c 201...

6.8CVSS0.6AI score0.03695EPSS
Exploits1References3
Rows per page
Query Builder