CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/09 9:32 a.m.•6 views

CVE-2023-25489

Cross-Site Request Forgery CSRF vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin = 2.0.0 versions...

8.8CVSS7.1AI score0.0007EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-29444

Malicious code in bioql PyPI...

8.8CVSS9AI score0.0007EPSS

Exploits0References1

OSV•added 2025/03/14 12:15 p.m.•1 views

CVE-2024-12810

The JobCareer | Job Board Responsive WordPress Theme theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 7.1. This makes it possible for authenticated attackers, wit...

8.1CVSS5.9AI score0.0009EPSS

Exploits0References2

CNNVD•added 2024/03/05 12:0 a.m.•2 views

WonderCMS 安全漏洞

WonderCMS is an open source PHP-based content management system CMS. A server request forgery vulnerability exists in the WonderCMS installUpdateThemePluginAction function, which can be exploited by an attacker to conduct an SSRF attack, thereby forcing the application to make arbitrary requests...

9.1CVSS7AI score0.00173EPSS

Exploits1References2

NVD•added 2023/10/04 11:15 a.m.•9 views

CVE-2023-25489

Cross-Site Request Forgery CSRF vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin = 2.0.0 versions...

8.8CVSS5.9AI score0.0007EPSS

Exploits0References1

Prion•added 2023/10/04 11:15 a.m.•18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin = 2.0.0 versions...

6.8CVSS8.8AI score0.0007EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/04 10:35 a.m.•17 views

CVE-2023-25489 WordPress Update Theme and Plugins from Zip File Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin = 2.0.0 versions...

4.3CVSS9AI score0.0007EPSS

Exploits0References1

CVE•added 2023/10/04 10:35 a.m.•57 views

CVE-2023-25489

CVE-2023-25489 is a CSRF vulnerability in the WordPress plugin Update Theme and Plugins from Zip File (versions

8.8CVSS6.5AI score0.0007EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/10/04 12:0 a.m.•2 views

WordPress Plugin update-theme-and-plugins-from-zip-file Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS6.5AI score0.0007EPSS

Exploits0References2

Patchstack•added 2015/05/27 12:0 a.m.•8 views

WordPress GamesTheme Premium Theme - Information Disclosure

Because of this vulnerability, the attackers can obtain sensitive information. Solution Update the theme...

2.7AI score

Exploits0References1Affected Software1

Patchstack•added 2014/08/01 12:0 a.m.•7 views

WordPress Daily Edition Theme <= 1.6.2 - SQL Injection

This theme is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the theme...

3.6AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by