Lucene search
K

1237 matches found

NVD
NVD
added 2025/12/18 8:16 a.m.6 views

CVE-2025-60086

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

7.5CVSS0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.4 views

CVE-2025-60086 WordPress WP Voting Contest plugin <= 5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

7.5CVSS6.6AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:22 a.m.9 views

CVE-2025-60086

CVE-2025-60086 affects the WordPress plugin WP Voting Contest (wp-voting-contest)

7.5CVSS6.6AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.23 views

CVE-2025-60086 WordPress WP Voting Contest plugin <= 5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

7.5CVSS0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin WP Voting Contest 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.6AI score0.00246EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52143

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

7AI score0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.8 views

PT-2025-52331

Name of the Vulnerable Software and Affected Versions Campcodes Advanced Voting Management System version 1.0 Description A security flaw exists in Campcodes Advanced Voting Management System. The issue is related to improper authorization resulting from manipulation of the ID argument within an...

6.3CVSS5.2AI score0.00244EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

Campcodes Advanced Voting Management System 授权问题漏洞

CampCodes Advanced Voting Management System is an advanced voting management system from CampCodes Philippines. An authorization issue vulnerability exists in Campcodes Advanced Voting Management System version 1.0, which stems from improper handling of the parameter ID in the file...

6.3CVSS5.6AI score0.00244EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/16 12:26 a.m.5 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.5CVSS7AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2025/12/15 2:15 p.m.5 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.5CVSS6.8AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.4 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.6AI score0.00225EPSS
Exploits0References4
CVE
CVE
added 2025/12/15 12:0 a.m.10 views

CVE-2025-65782

Wekan up to v18.15 is affected by an authorization flaw in card update handling that lets board members or other authenticated users add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vote forgery and unauthorized voting. The issue is fixed in v18.16. Affected compone...

6.5CVSS6.6AI score0.00225EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.6 views

CVE-2025-14129

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00211EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/12 6:33 a.m.9 views

WordPress Like DisLike Voting plugin <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Like DisLike Voting versions = 1.0.1...

6.1CVSS6.1AI score0.00211EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/12 4:15 a.m.26 views

CVE-2025-14129

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.3 views

CVE-2025-14129 Like DisLike Voting <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.3AI score0.00211EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.29 views

CVE-2025-14129 Like DisLike Voting <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin Like DisLike Voting 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50853

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $ SERVER'PHP SELF' variable in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00211EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/12/10 12:0 a.m.4 views

ByteShield: Adversarially Robust End-To-End Malware Detection through Byte Masking

Research has proven that end-to-end malware detectors are vulnerable to adversarial attacks. In response, the research community has proposed defenses based on randomized and derandomized smoothing. However, these techniques remain susceptible to attacks that insert large adversarial payloads. To...

6.8AI score
Exploits0
Rows per page
Query Builder