Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.5 views

PT-2025-2107 · WordPress · Essential Real Estate

Name of the Vulnerable Software and Affected Versions: The Essential WP Real Estate plugin for WordPress versions up to, and including, 1.1.3 Description: The issue is caused by a missing capability check on the cl delete listing func function, allowing unauthorized access. This makes it possible...

5.3CVSS7.3AI score0.00327EPSS
Exploits0References9
Patchstack
Patchstack
added 2024/08/05 12:0 a.m.17 views

WordPress CRM Perks Forms Plugin <= 1.1.3 is vulnerable to Arbitrary File Upload

Software CRM Perks Forms Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7484 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID c7c64ee12633 Credits István Márton Required privilege...

7.2CVSS6.9AI score0.0093EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.21 views

WordPress Bloglo Theme <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Bloglo Type Theme Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35715 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 469488b623d7 Credits stealthcopter Required privilege Contributor...

6.5CVSS6.5AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.10 views

WordPress CP Media Player Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software CP Media Player Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31941 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9a90502753a6 Credits Steven Julian...

5.4CVSS6.7AI score0.00209EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Cuisine Palace Theme <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Cuisine Palace Type Theme Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 37c5a3d00c1a Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/04/18 12:0 a.m.13 views

WordPress Semalt Blocker Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Semalt Blocker Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23794 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fd1c7aaaef6e Credits Rio Darmawan Required...

5.9CVSS6AI score0.00369EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/01/13 12:0 a.m.11 views

WordPress WP-OliveCart Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software WP-OliveCart Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47435 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 10d7b9455c85 Credits Team WeBoB Required privileg...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2006/04/21 12:0 a.m.7 views

PT-2006-2938 · Unknown · Rechnungszentrale V2

Name of the Vulnerable Software and Affected Versions: RechnungsZentrale V2 versions 1.1.3 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the SQL injection vulnerability in the authent.php4 file, specifically via the Us...

5CVSS7.8AI score0.01715EPSS
Exploits1References10
Rows per page
Query Builder