Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/02/20 3:46 p.m.23 views

CVE-2025-67974 WordPress WPLegalPages plugin <= 3.5.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through = 3.5.4...

7.5CVSS0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/27 7:21 a.m.4 views

WordPress WPLegalPages plugin <= 3.5.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin WPLegalPages versions = 3.5.4...

7.5CVSS5.9AI score0.00278EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/20 8:22 p.m.6 views

CVE-2026-23850

SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server side html-rendering which allows arbitrary file read LFD. Version 3.5.4 fixes the issue...

8.8CVSS5.6AI score0.00522EPSS
Exploits1References1
CVE
CVE
added 2025/08/20 8:3 a.m.16 views

CVE-2025-48163

CVE-2025-48163 is a Reflected Cross-Site Scripting vulnerability in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support. Affected versions are up to 3.5.4; the CVSS v3.1 base score is 7.1 (HIGH). The issue arises from improper input neutralization during web page gene...

7.1CVSS5.9AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/15 12:0 a.m.5 views

PT-2023-5573 · Unknown · Jumpserver

Name of the Vulnerable Software and Affected Versions: JumpServer versions 3.0.0 through 3.5.4 JumpServer versions 3.6.0 through 3.6.3 Description: The issue is related to a weakness in the authentication procedure of JumpServer, an open-source bastion host and professional operation and...

8.5CVSS5.4AI score0.55861EPSS
Exploits5References24
Positive Technologies
Positive Technologies
added 2020/06/04 12:0 a.m.4 views

PT-2020-13708 · Phplist · Phplist

Name of the Vulnerable Software and Affected Versions: phpList versions prior to 3.5.4 Description: The issue allows for XSS attacks via the "/lists/admin/user.php" and "/lists/admin/users.php" API endpoints. This can potentially lead to malicious script execution. Recommendations: For versions...

6.1CVSS6.1AI score0.00848EPSS
Exploits1References7
Exploit DB
Exploit DB
added 2019/08/23 12:0 a.m.362 views

Nimble Streamer 3.0.2-2 &lt; 3.5.4-9 - Directory Traversal

Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal Exploit Author: MAYASEVEN Source at "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/" Published on 08/04/2019 Vendor Homepage at "https://wmspanel.com/nimble" Affected Version 3.0.2-2 to 3.5.4-9...

6.5CVSS6.7AI score0.23978EPSS
Exploits5
Rows per page
Query Builder