Lucene search
K

49 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.9 views

SUSE CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52284

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA core where the ib get ucaps function fails to properly validate the passed-in file operations fops. Because character and block devices can share the same dev...

8.8CVSS6AI score0.00136EPSS
Exploits0References17
Cvelist
Cvelist
added 2026/05/22 4:29 a.m.48 views

CVE-2026-9018 Easy Elements for Elementor – Addons & Website Templates <= 1.4.5 - Unauthenticated Privilege Escalation via 'custom_meta' Parameter

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the easyelhandleregister function. This is due to the wpajaxnopriveelregister AJAX handler iterating the attacker-controlled...

8.8CVSS0.00541EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/05 5:8 a.m.6 views

CVE-2025-12157

The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivresetcapability' AJAX endpoint in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to reset any...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/05 5:8 a.m.3 views

CVE-2025-12158

The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the sucsubmitcapabilities function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to elevate the role of any user account t...

9.8CVSS5.4AI score0.00412EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/04 4:58 a.m.9 views

WordPress Simple User Capabilities plugin <= 1.0 - Missing Authorization to Unauthenticated Capability Reset vulnerability

Missing Authorization to Unauthenticated Capability Reset vulnerability discovered by D01EXPLOIT OFFICIAL in WordPress Plugin Simple User Capabilities versions = 1.0...

5.3CVSS6.7AI score0.00264EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/04 4:27 a.m.2 views

CVE-2025-12158 Simple User Capabilities <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the sucsubmitcapabilities function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to elevate the role of any user account t...

9.8CVSS5AI score0.00412EPSS
Exploits0References3
CVE
CVE
added 2025/11/04 4:27 a.m.18 views

CVE-2025-12158

CVE-2025-12158 affects WordPress plugin Simple User Capabilities. Wordfence reports a missing authorization check in suc_submit_capabilities() across versions up to 1.0, enabling unauthenticated attackers to elevate any user to administrator. CVSSv3.1 is rated 9.8 (Critical); exploitation is list...

9.8CVSS5AI score0.00412EPSS
Exploits0References3
CVE
CVE
added 2025/11/04 4:27 a.m.22 views

CVE-2025-12157

CVE-2025-12157 concerns the WordPress plugin Simple User Capabilities . The connected documents confirm an unauthenticated modification risk due to a missing permission check on the AJAX endpoint wp_ajax_nopriv_reset_capability , affecting versions up to and including 1.0 . This can allow an unau...

5.3CVSS5AI score0.00264EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/04 4:27 a.m.11 views

CVE-2025-12157 Simple User Capabilities <= 1.0 - Missing Authorization to Unauthenticated Capability Reset

The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivresetcapability' AJAX endpoint in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to reset any...

5.3CVSS0.00264EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.2 views

WordPress plugin Simple User Capabilities 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.8CVSS6.3AI score0.00412EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.5 views

WordPress plugin Simple User Capabilities 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.3AI score0.00264EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-3656

Malware in sbrugna...

6.5CVSS6.5AI score0.00537EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47515

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00768EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-5264

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00925EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43170

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.0047EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49550

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.00422EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-59034

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00483EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48514

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00402EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4857

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.00149EPSS
Exploits0References2
Rows per page
Query Builder