Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/09/27 3:47 a.m.2 views

CVE-2025-10377

The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.20. This is due to missing nonce validation on the sdtogglelogs function. This makes it possible for unauthenticated attackers to toggle critical logging settings...

4.3CVSS5.2AI score0.00014EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/11/21 12:0 a.m.12 views

WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Cross Site Scripting (XSS)

Software System Dashboard Type Plugin Vulnerable versions 2.8.15 Fixed in 2.8.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11107 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 948953d35f1c Credits Dogus Demirkiran...

5.9AI score0.01677EPSS
Exploits1References3Affected Software1
Patchstack
Patchstackadded 2024/11/21 12:0 a.m.15 views

WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Path Traversal

Software System Dashboard Type Plugin Vulnerable versions 2.8.15 Fixed in 2.8.15 OWASP Top 10 A4: Insecure Design Classification Path Traversal CVE CVE-2024-10708 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 8350df71b2da Credits Dogus DEMIRKIRAN Required privilege...

6.5AI score0.08496EPSS
Exploits1References3Affected Software1
Patchstack
Patchstackadded 2024/03/21 12:0 a.m.14 views

WordPress System Dashboard Plugin < 2.8.10 is vulnerable to Cross Site Scripting (XSS)

Software System Dashboard Type Plugin Vulnerable versions 2.8.10 Fixed in 2.8.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7246 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 59b19780b836 Credits Dmitrii Ignatyev Requir...

5.4CVSS6AI score0.02134EPSS
Exploits2References4Affected Software1
Patchstack
Patchstackadded 2023/12/07 12:0 a.m.10 views

WordPress System Dashboard Plugin <= 2.8.7 is vulnerable to Broken Access Control

Software System Dashboard Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5712 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 98fba4335721 Credits Dmitrii Ignatyev Required...

4.3CVSS6.6AI score0.00197EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2023/12/07 12:0 a.m.2 views

WordPress plugin System Dashboard security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS5.9AI score0.00197EPSS
Exploits0References4
Rows per page
Query Builder