Lucene search
+L

1004 matches found

RedhatCVE
RedhatCVE
added 2025/12/14 5:3 a.m.15 views

CVE-2025-14446

The Popup Builder Easy Notify Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the easynotifycpreset function in all versions up to, and including, 1.1.37. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS5.1AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/14 5:3 a.m.6 views

CVE-2025-14397

The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on the postemipsumgenerateusers function in all versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with...

8.8CVSS5.2AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203234

The Popover Windows plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple ajax actions e.g., popsubmit, popthemesubmit in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with subscriber-lev...

4.3CVSS4.7AI score0.00164EPSS
Exploits0References3
NVD
NVD
added 2025/12/13 4:16 p.m.4 views

CVE-2025-14397

The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on the postemipsumgenerateusers function in all versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with...

8.8CVSS0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.5 views

WordPress plugin Mavix Education 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.3AI score0.00164EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.5 views

WordPress plugin Devs CRM – Manage tasks, attendance and teams all together 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. WordPress plugin Devs CRM - Manage task...

5.3CVSS6.2AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.7 views

WordPress plugin Popup Builder (Easy Notify Lite) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS6.3AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.5 views

WordPress plugin Premmerce Brands for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.3AI score0.00248EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/12/11 11:35 a.m.12 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

5.5CVSS5.7AI score0.00448EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.15 views

CVE-2025-12577

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/listar/v1/place/save' REST API endpoint in all versions up to, and including, 3.0.0. This makes it possible for...

4.3CVSS5.1AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/06 5:54 a.m.5 views

CVE-2025-12165

The Webcake – Landing Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webcakesaveconfig' AJAX endpoint in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with Subscriber-leve...

4.3CVSS5AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/06 5:49 a.m.22 views

CVE-2025-12577 Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/listar/v1/place/save' REST API endpoint in all versions up to, and including, 3.0.0. This makes it possible for...

4.3CVSS0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/05 5:31 a.m.8 views

EUVD-2025-201370

The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...

4.3CVSS4.6AI score0.00197EPSS
Exploits0References3
CVE
CVE
added 2025/12/05 5:31 a.m.13 views

CVE-2025-12165

CVE-2025-12165 pertains to the WordPress plugin Webcake – Landing Page Builder. Connected sources confirm a missing capability check on the webcake_save_config AJAX endpoint across versions up to 1.1, enabling authenticated attackers with Subscriber-level access and above to modify plugin setting...

4.3CVSS4.6AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.8 views

WordPress plugin Projectopia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.3AI score0.00297EPSS
Exploits0References3
CNVD
CNVD
added 2025/11/27 12:0 a.m.1 views

WordPress Refund Request for WooCommerce plugin unauthorized data modification vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An unauthorized data modification vulnerability exists in the WordPress Refund Request for WooCommerce plugin, which stems from a lack of privilege checking and can be exploited...

4.3CVSS7AI score0.00163EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/27 12:0 a.m.10 views

WordPress Plugin Blog2Social: Social Media Auto Post & Scheduler Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Blog2Social: Social Media Auto Post &...

5.4CVSS6.4AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.9 views

WordPress plugin Reuters Direct 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.3AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.9 views

WordPress plugin WP Fastest Cache 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

4.3CVSS6.3AI score0.00195EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.5 views

WordPress plugin Folders 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References5
Rows per page
Query Builder