Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2026/04/11 2:46 a.m.105 views

Exploit for CVE-2026-4350

CVE-2026-4350 - Perfmatters WordPress Arbitrary File Deletion...

8.1CVSS5.9AI score0.00658EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/04 11:2 a.m.5 views

CVE-2026-4350

The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the PMCS::actionhandler method processing the $GET'delete' parameter without any sanitization, authorization check, or nonce verification...

8.1CVSS6AI score0.00658EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/03 7:41 a.m.22 views

CVE-2026-4350 Perfmatters <= 2.5.9.1 - Authenticated (Subscriber+) Arbitrary File Deletion via 'delete' Parameter

The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the PMCS::actionhandler method processing the $GET'delete' parameter without any sanitization, authorization check, or nonce verification...

8.1CVSS0.00658EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/03 7:41 a.m.4 views

CVE-2026-4350

The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the PMCS::actionhandler method processing the $GET'delete' parameter without any sanitization, authorization check, or nonce verification...

8.1CVSS6AI score0.00658EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.7 views

CVE-2023-24383

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kiboko Labs Namaste! LMS plugin = 2.5.9.1 versions...

5.9CVSS5.6AI score0.00392EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.9 views

WordPress Namaste! LMS Plugin <= 2.5.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Namaste! LMS Type Plugin Vulnerable versions = 2.5.9.1 Fixed in 2.5.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24383 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a09354550881 Credits yuyudhn Required...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder