Lucene search
K

6 matches found

NVD
NVD
added 2025/03/13 5:15 a.m.27 views

CVE-2025-2104

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to unauthorized post publication due to insufficient validation on the pagelayersavecontent function in all versions up to, and including, 1.9.8. This makes it possible for authenticated attackers, with...

4.3CVSS0.00269EPSS
Exploits0References2
CVE
CVE
added 2025/03/13 4:21 a.m.71 views

CVE-2025-2104

CVE-2025-2104 affects Page Builder: Pagelayer (WordPress). The vulnerability arises from insufficient validation in pagelayer_save_content(), allowing authenticated attackers with Contributor-level access and above to bypass post moderation and publish posts. Affected versions: up to 1.9.8 per CV...

4.3CVSS4.5AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/03/13 4:21 a.m.29 views

CVE-2025-2104 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post Publication

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to unauthorized post publication due to insufficient validation on the pagelayersavecontent function in all versions up to, and including, 1.9.8. This makes it possible for authenticated attackers, with...

4.3CVSS0.00269EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 8:15 a.m.15 views

CVE-2024-8667

The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized post publication due to a missing capability check on the activateCampaign function in all versions up to, and including, 2.10.0. This makes it possible for...

4.3CVSS0.00333EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/24 7:35 a.m.17 views

CVE-2024-8667 HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce <= 2.10.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Publication

The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized post publication due to a missing capability check on the activateCampaign function in all versions up to, and including, 2.10.0. This makes it possible for...

4.3CVSS6.6AI score0.00333EPSS
Exploits0References3
CVE
CVE
added 2024/10/24 7:35 a.m.59 views

CVE-2024-8667

CVE-2024-8667: HurryTimer plugin for WordPress and WooCommerce vulnerable to unauthorized post publication due to missing capability check in activateCampaign() in versions up to 2.10.0. Authenticated attackers with contributor-level access or higher can publish arbitrary posts. Remediation: upgr...

4.3CVSS4.8AI score0.00333EPSS
Exploits0References3
Rows per page
Query Builder