Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-9745

Malicious code in bioql PyPI...

9.8CVSS7.6AI score0.00623EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/06 2:20 p.m.16 views

CVE-2025-2798

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS6.8AI score0.00623EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 2:15 p.m.13 views

CVE-2025-2798

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS0.00623EPSS
Exploits0References2
OSV
OSV
added 2025/04/04 2:15 p.m.2 views

CVE-2025-2798

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS5.7AI score0.00623EPSS
Exploits0References2
CVE
CVE
added 2025/04/04 1:44 p.m.76 views

CVE-2025-2798

The CVE-2025-2798 entry concerns the Woffice CRM theme for WordPress. Affected: all versions up to and including 5.4.21. Root cause: misconfiguration of excluded roles during user registration in the Woffice CRM theme, allowing unauthenticated attackers to register with Administrator privileges w...

9.8CVSS5.8AI score0.00623EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/04 1:44 p.m.19 views

CVE-2025-2798 Woffice <= 5.4.21 - Authentication Bypass via Registration Role

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS7.1AI score0.00623EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.4 views

WordPress plugin Woffice CRM 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS9.1AI score0.00623EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.3 views

PT-2025-14890 · WordPress · Woffice Crm Theme

Name of the Vulnerable Software and Affected Versions: Woffice CRM theme for WordPress versions up to, and including, 5.4.21 Description: The issue is due to a misconfiguration of excluded roles during registration, making it possible for unauthenticated attackers to register with an Administrato...

9.8CVSS9.5AI score0.00623EPSS
Exploits0References14
Rows per page
Query Builder