Lucene search
+L

192 matches found

veracode
veracode
added 2025/09/03 6:39 a.m.4 views

Denial Of Service (DoS)

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of unexpected request bodies, which allows an attacker to repeatedly send invalid request bodies to the server webhook endpoint to crash the plugin...

7.5CVSS7AI score0.00295EPSS
Exploits0References3Affected Software1
susecve
susecve
added 2025/08/21 11:22 p.m.5 views

SUSE CVE-2025-53514

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

5.9CVSS7AI score0.00283EPSS
Exploits0References2
cnvd
cnvd
added 2025/08/20 12:0 a.m.12 views

WordPress Plugin StoryChief File Upload Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin StoryChief file upload vulnerability , the vulnerability stems from the...

9.8CVSS6.7AI score0.37349EPSS
Exploits8References1
redhatcve
redhatcve
added 2025/08/18 4:31 a.m.15 views

CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

9.8CVSS8.3AI score0.37349EPSS
Exploits8References1
nvd
nvd
added 2025/08/16 4:16 a.m.16 views

CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

9.8CVSS0.37349EPSS
Exploits8References3
cvelist
cvelist
added 2025/08/16 3:38 a.m.47 views

CVE-2025-7441 StoryChief <= 1.0.42 - Unauthenticated Arbitrary File Upload

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

9.8CVSS0.37349EPSS
Exploits8References3
ptsecurity
ptsecurity
added 2025/08/16 12:0 a.m.10 views

PT-2025-33527

Name of the Vulnerable Software and Affected Versions: StoryChief plugin for WordPress versions up to and including 1.0.42 Description: The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filetype validation. This occurs through the...

9.8CVSS5.9AI score0.37349EPSS
Exploits8References11
cnnvd
cnnvd
added 2025/08/16 12:0 a.m.73 views

WordPress plugin StoryChief 代码问题漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin StoryChief file upload vulnerability , the vulnerability stems from the...

9.8CVSS6.9AI score0.37349EPSS
Exploits8References5
vulncheck_kev
vulncheck_kev
added 2025/08/15 12:0 a.m.31 views

VulnCheck KEV: CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

9.8CVSS6.5AI score0.37349EPSS
In wildExploits8References2
redhatcve
redhatcve
added 2025/08/13 7:31 p.m.3 views

CVE-2025-53514

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

5.9CVSS7.1AI score0.00283EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/08/13 7:31 p.m.4 views

CVE-2025-54463

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

7.5CVSS7.1AI score0.00295EPSS
Exploits0References1
snyk
snyk
added 2025/08/11 9:31 p.m.2 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the constant hits to the server webhook endpoint with an invalid request body. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the...

8.2CVSS7AI score0.00283EPSS
Exploits0References2
osv
osv
added 2025/08/11 9:31 p.m.2 views

GHSA-GJPM-6W34-PPVF Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions

Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...

5.9CVSS7AI score0.00295EPSS
Exploits0References4
osv
osv
added 2025/08/11 9:31 p.m.4 views

GHSA-W92J-C6GR-HJ8R Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions

Mattermost Confluence Plugin versions 1.5.0 fail to handle unexpected request bodies, allow\ing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...

5.9CVSS7AI score0.00283EPSS
Exploits0References3
github
github
added 2025/08/11 9:31 p.m.9 views

Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions

Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...

7.5CVSS7AI score0.00295EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2025/08/11 7:15 p.m.6 views

CVE-2025-54463

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

7.5CVSS0.00295EPSS
Exploits0References1
nvd
nvd
added 2025/08/11 7:15 p.m.9 views

CVE-2025-53514

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

5.9CVSS0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/08/11 6:57 p.m.1 views

CVE-2025-54463 Unexpected Input to Cloud Webhook endpoint Causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

5.9CVSS7.1AI score0.00295EPSS
Exploits0References1
cve
cve
added 2025/08/11 6:57 p.m.132 views

CVE-2025-54463

Mattermost Confluence Plugin (github.com/mattermost/mattermost-plugin-confluence) versions

7.5CVSS7.1AI score0.00295EPSS
Exploits0References1Affected Software1
osv
osv
added 2025/08/11 6:57 p.m.2 views

CVE-2025-54463 Unexpected Input to Cloud Webhook endpoint Causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...

5.9CVSS6.3AI score0.00295EPSS
Exploits0References4
Rows per page
Query Builder