Lucene search
K

5 matches found

CVE
CVE
added 2026/03/13 11:42 a.m.11 views

CVE-2026-32377

CVE-2026-32377 affects the WordPress Pranayama Yoga theme (pranayama-yoga) up to version 1.2.2. Root cause: missing Authorization / broken access control enabling exploitation of incorrectly configured access control security levels. Impact: potential unauthorized access or actions due to access-...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

python-multipart 安全漏洞

python-multipart is a Python-based streaming multipart parser developed by Marcelo Trylesinski. Versions prior to 1.2.2, 1.3.1, and 1.4.0-dev contained security vulnerabilities. These vulnerabilities stemmed from the use of ambiguous regular expressions in the parseoptionsheader function, which...

7.5CVSS7.3AI score0.00606EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.7 views

PT-2025-47282

Name of the Vulnerable Software and Affected Versions wModes – Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress versions up to and including 1.2.2 Description The plugin does not properly verify user authorization when accessing sensitive information through an AJAX...

4.3CVSS6AI score0.00227EPSS
Exploits0References8
Patchstack
Patchstack
added 2025/09/08 12:0 a.m.5 views

WordPress Birdily | Travel Agency & Tour Booking WordPress Theme Theme <= 1.2.2 is vulnerable to Local File Inclusion

Software Birdily | Travel Agency & Tour Booking WordPress Theme Type Theme Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID d54eefcef883 Credits Tran...

8.1CVSS7.6AI score0.00519EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/01 12:0 a.m.7 views

PT-2024-38512 · WordPress · Dn Popup

Name of the Vulnerable Software and Affected Versions: DN Popup WordPress plugin versions 1.2.2 and earlier Description: The issue is related to the lack of a CSRF check when updating the plugin's settings. This could allow attackers to make a logged-in admin change the settings via a CSRF attack...

5.4CVSS6.5AI score0.0019EPSS
Exploits1References8
Rows per page
Query Builder