Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-51267

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00292EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/13 9:18 a.m.4 views

CVE-2025-0180

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.7. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on...

9.8CVSS7.1AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/12 7:29 p.m.4 views

CVE-2024-13010

The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on the 'searchtype' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...

6.1CVSS7.4AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/12 7:26 p.m.4 views

CVE-2024-13011

The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'uploadpublisherprofileimage' function in versions up to, and including, 4.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affect...

9.8CVSS9.8AI score0.00851EPSS
Exploits0References1
NVD
NVD
added 2025/02/11 7:15 a.m.3 views

CVE-2025-0181

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.8. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possibl...

9.8CVSS0.00596EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/11 6:54 a.m.10 views

CVE-2025-0181 WP Foodbakery <= 4.8 - Authentication Bypass in foodbakery_parse_request

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.8. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possibl...

9.8CVSS0.00596EPSS
Exploits0References2
Rows per page
Query Builder