Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 5:31 a.m.9 views

CVE-2026-8760 Login with OTP <= 1.6 - Unauthenticated Authentication Bypass via OTP Brute Force

The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.6. This is due to an incomplete fix for CVE-2024-11178: the rate-limit/lockout check added to otplloginaction was placed only inside the OTP-generation branch and is never...

9.8CVSS5.7AI score0.00595EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

WordPress plugin WP FullCalendar 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.8AI score0.00287EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 8:26 a.m.3 views

EUVD-2025-34537

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...

5.3CVSS5AI score0.00261EPSS
Exploits0References4
CVE
CVE
added 2025/10/03 4:27 p.m.31 views

CVE-2025-61590

Cursor (editor) versions ≤1.6 are vulnerable to remote code execution via Visual Studio Code Workspaces. The attack involves hijacking the user’s chat context to prompt-inject and modify .code-workspace/settings, enabling RCE by writing to the workspace settings. The issue is fixed in version 1.7...

7.5CVSS7AI score0.00485EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/22 6:22 p.m.10 views

CVE-2025-58667 WordPress ListingPro Reviews plugin < 2.9.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through 2.9.11...

5.4CVSS0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/26 6:6 p.m.5 views

WordPress Romea - Personal Portfolio WordPress theme theme <= 1.6 - Local File Inclusion vulnerability

WordPress Romea - Personal Portfolio WordPress theme theme = 1.6 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Romea - Personal Portfolio WordPress Theme versions = 1.6...

8.2CVSS7.1AI score0.00404EPSS
Exploits0Affected Software1
Rows per page
Query Builder