CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2025/02/04 10:30 p.m.•2 views

CVE-2024-8246

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. This is due to plugin not properly restricting what users have access to se...

8.8CVSS6.7AI score0.00423EPSS

Exploits0References1

Prion•added 2024/03/07 11:15 a.m.•19 views

Design/Logic Flaw

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyformsuploadhandledroppedmedia function in all versions up to, and...

5CVSS7AI score0.00626EPSS

Exploits0References3

Cvelist•added 2024/03/07 11:1 a.m.•17 views

CVE-2024-1169 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Upload

7.5CVSS7.5AI score0.00626EPSS

Exploits0References3

Cvelist•added 2024/03/07 11:1 a.m.•16 views

CVE-2024-1170 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Deletion

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handledeletedmedia function in all versions up to, and including,...

8.2CVSS8.2AI score0.00501EPSS

Exploits0References3

WPVulnDB•added 2024/03/06 12:0 a.m.•15 views

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) < 2.8.8 - Missing Authorization to Unauthenticated Media Deletion

Description The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handledeletedmedia function in all versions up to, and...

8.2CVSS7.1AI score0.00501EPSS

Exploits0References1Affected Software1

Exploit DB•added 2011/01/25 12:0 a.m.•20 views

WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46001/info The Featured Content plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score

Exploits0

Packet Storm•added 2011/01/25 12:0 a.m.•28 views

WordPress x7Host's Videox7 UGC Plugin 2.5.3.2 Cross Site Scripting

------------------------------------------------------------------------ Software................WordPress x7Host's Videox7 UGC Plugin 2.5.3.2 Vulnerability...........Reflected Cross-site Scripting Download................http://public.exseven.com/wordpress/ Release Date............1/24/2011 Test...

0.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by