Lucene search
K

4 matches found

EUVD
EUVD
added 2025/11/18 12:30 p.m.6 views

EUVD-2025-197958

The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...

5.3CVSS4.9AI score0.00241EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.12 views

CVE-2025-58863 WordPress Zoomify embed for WP Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SdeWijs Zoomify embed for WP zoom-image-shortcode allows Stored XSS.This issue affects Zoomify embed for WP: from n/a through = 1.5.2...

6.5CVSS0.00154EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/14 2:48 p.m.8 views

WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin CM On Demand Search And Replace versions = 1.5.2...

4.3CVSS6.6AI score0.00119EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/29 3:37 p.m.4 views

WordPress Pricing Table builder plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Skalucy in WordPress Plugin Pricing Table builder versions = 1.5.3...

8.8CVSS5.3AI score0.00123EPSS
Exploits0Affected Software1
Rows per page
Query Builder