Lucene search
K

4 matches found

CVE
CVE
added yesterday11 views

CVE-2026-14487

The CVE-2026-14487 entry concerns the WordPress plugin Simple Coherent Form (SCF). Affected versions are all up to and including 2.4.13. The root cause is insufficient file path validation in the removeUploadDir function, enabling unauthenticated deletion of arbitrary server files (e.g., wp-confi...

9.1CVSS6.8AI score0.0074EPSS
Exploits0References6
OSV
OSV
added 2025/09/11 6:15 p.m.6 views

ALPINE-CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS7AI score0.00964EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/11 5:6 p.m.2 views

CVE-2025-58060 cups has Authentication bypass with AuthType Negotiate

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS6.7AI score0.00964EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.7 views

PT-2024-37168 · WordPress · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 plugin for WordPress versions up to, and including, 2.4.13 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpcf7cf admin init function...

4.3CVSS6.7AI score0.00219EPSS
Exploits0References6
Rows per page
Query Builder