
6 matches found

RedhatCVE
added 2025/05/22 7:25 p.m., 11 views

CVE-2021-25111

The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users to it, leading to an open redirect issue...

6.1 CVSS, 6.7 AI score, 0.01873 EPSS
Exploits: 2, References: 1
Cvelist
added 2025/03/25 6:0 a.m., 17 views

CVE-2024-12682 Smart Maintenance Mode < 1.5.2 - Admin+ Stored XSS

The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

0.00257 EPSS
Exploits: 1, References: 1
CNNVD
added 2023/03/07 12:0 a.m., 3 views

phpIPAM SQL injection vulnerability

phpIPAM is an open source PHP and MySQL based IP address management (IPAM) application. A SQL injection vulnerability exists in phpIPAM versions prior to 1.5.2. An attacker can exploit this vulnerability to perform SQL injection attacks...

7.2 CVSS, 7.2 AI score, 0.0305 EPSS
Exploits: 3, References: 5
CNNVD
added 2022/09/19 12:0 a.m., 2 views

openSUSE Tumbleweed authorization issue vulnerability

openSUSE Tumbleweed is an open source system from the openSUSE project. A security vulnerability exists in openSUSE Tumbleweed versions prior to 1.5.2-6.1, which stems from the pam_access.so module not properly restricting logins if a user attempts to connect from an IP address that is not...

9.8 CVSS, 8.2 AI score, 0.01218 EPSS
Exploits: 0, References: 5
CNNVD
added 2021/05/24 12:0 a.m., 2 views

ronomon command injection vulnerability

ronomon is an open source, fast and powerful encoder/decoder for RFC 2045 and RFC 2047, used for buffers in pure JavaScript with optional C++ bindings. A command injection vulnerability exists in ronomon/opened library versions prior to 1.5.2, which can be exploited by remote attackers to execute...

10 CVSS, 8.7 AI score, 0.04508 EPSS
Exploits: 1, References: 3
OSV
added 2017/03/27 5:59 p.m., 7 views

PYSEC-2017-8

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size...

7.5 CVSS, 5.9 AI score, 0.03399 EPSS
Exploits: 0, References: 10