Lucene search
+L

8 matches found

CVE
CVE
added 2026/07/08 4:30 a.m.18 views

CVE-2026-14487

The CVE-2026-14487 entry concerns the WordPress plugin Simple Coherent Form (SCF). Affected versions are all up to and including 2.4.13. The root cause is insufficient file path validation in the removeUploadDir function, enabling unauthenticated deletion of arbitrary server files (e.g., wp-confi...

9.1CVSS6.8AI score0.0074EPSS
Exploits0References6
CVE
CVE
added 2026/06/30 6:0 a.m.13 views

CVE-2026-11581

The CVE-2026-11581 entry concerns the Kali Forms — Contact Form & Drag-and-Drop Builder for WordPress, vulnerable before version 2.4.13. The form captions (columns on the form-entries admin screen) are not sanitized, allowing stored XSS where a user with Contributor-level access (or higher) can i...

5.9CVSS5.8AI score0.0014EPSS
Exploits0References1
Amazon
Amazon
added 2025/09/29 12:0 a.m.6 views

Medium: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability...

6.5CVSS6.9AI score0.50174EPSS
Exploits16
OSV
OSV
added 2025/09/11 6:15 p.m.7 views

AZL-67112 CVE-2025-58060 affecting package cups for versions less than 2.4.13-1

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS7.3AI score0.00964EPSS
Exploits1References1
OSV
OSV
added 2025/09/11 6:15 p.m.6 views

ALPINE-CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS7AI score0.00964EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/11 5:26 p.m.19 views

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

6.5CVSS0.01063EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/11 5:6 p.m.3 views

CVE-2025-58060 cups has Authentication bypass with AuthType Negotiate

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS6.7AI score0.00964EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.9 views

PT-2024-37168 · WordPress · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 plugin for WordPress versions up to, and including, 2.4.13 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpcf7cf admin init function...

4.3CVSS6.7AI score0.00219EPSS
Exploits0References6
Rows per page
Query Builder