Lucene search
K

60 matches found

CVE
CVE
added 2025/03/31 6:6 a.m.51 views

CVE-2025-31417

Technical details about CVE-2025-31417 (WP Docs) are not provided in the supplied documents. No root cause, affected versions, impact, remediation, or exploit status are available here; please monitor official advisories for updates.

4.3CVSS7.2AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 6:6 a.m.16 views

CVE-2025-31417 WordPress WP Docs plugin < 2.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 2.2.7...

4.3CVSS0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 6:6 a.m.7 views

CVE-2025-31417 WordPress WP Docs plugin < 2.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a...

4.3CVSS4.7AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:15 p.m.10 views

CVE-2024-35696

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through 2.1.3...

7.1CVSS6.9AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2025/01/07 11:15 a.m.4 views

CVE-2024-56288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1...

4.8CVSS7.3AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 11:15 a.m.10 views

CVE-2024-56288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs wp-docs allows Stored XSS.This issue affects WP Docs: from n/a through = 2.2.1...

5.9CVSS0.00297EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 10:49 a.m.19 views

CVE-2024-56288 WordPress WP Docs plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs wp-docs allows Stored XSS.This issue affects WP Docs: from n/a through = 2.2.1...

5.9CVSS0.00297EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/07 10:49 a.m.10 views

CVE-2024-56288 WordPress WP Docs plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1...

5.9CVSS7AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2025/01/07 10:49 a.m.51 views

CVE-2024-56288

CVE-2024-56288 is a Stored XSS in the WP Docs WordPress plugin (Fahad Mahmood). Affected: WP Docs versions up to 2.2.1. Root cause: Improper neutralization of input during web page generation. Impact per sources: cross-site scripting could affect authenticated users; no exploit details provided b...

5.9CVSS7.2AI score0.00297EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/03 12:10 p.m.4 views

WordPress WP Docs plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by b4orvn Patchstack Alliance in WordPress Plugin WP Docs versions = 2.2.1...

5.9CVSS6.1AI score0.00297EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/21 7:15 a.m.14 views

CVE-2024-12635

The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dirid' parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS0.00425EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/21 7:3 a.m.12 views

CVE-2024-12635 WP Docs <= 2.2.0 - Authenticated (Subscriber+) Time-Based SQL Injection via 'dir_id'

The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dirid' parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS6.6AI score0.00425EPSS
Exploits0References4
CVE
CVE
added 2024/12/21 7:3 a.m.59 views

CVE-2024-12635

CVE-2024-12635 concerns the WP Docs plugin for WordPress. The vulnerability is a time-based SQL Injection via the dir_id parameter in all versions up to and including 2.2.0, caused by insufficient escaping in the user-supplied input and inadequate preparation in the SQL query. It allows authentic...

6.5CVSS6.6AI score0.00425EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/12/20 8:24 p.m.3 views

WordPress WP Docs plugin <= 2.2.0 - Authenticated (Subscriber+) Time-Based SQL Injection via 'dir_id' vulnerability

Authenticated Subscriber+ Time-Based SQL Injection via 'dirid' vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin WP Docs versions = 2.2.0...

6.5CVSS8.1AI score0.00425EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/12/09 1:15 p.m.10 views

CVE-2023-30873

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8...

8.8CVSS0.00491EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.21 views

CVE-2023-30873 WordPress WP Docs plugin <= 1.9.8 - Broken Access Control

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8...

5.4CVSS8.5AI score0.00491EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.63 views

CVE-2023-30873

CVE-2023-30873 is a Missing Authorization vulnerability in the WordPress WP Docs plugin, exploitable via incorrectly configured access control. Affected versions are WP Docs

8.8CVSS8.5AI score0.00491EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.19 views

CVE-2023-30873 WordPress WP Docs plugin <= 1.9.8 - Broken Access Control

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8...

5.4CVSS0.00491EPSS
Exploits0References1
OSV
OSV
added 2024/06/08 3:15 p.m.2 views

CVE-2024-35695

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3...

5.4CVSS5.8AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2024/06/08 3:15 p.m.21 views

CVE-2024-35695

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3...

6.5CVSS0.00277EPSS
Exploits0References1
Rows per page
Query Builder