Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-1908

Malware in sbrugna...

6.5CVSS6.6AI score0.01001EPSS
Exploits1References2
CVE
CVE
added 2021/07/19 10:53 a.m.66 views

CVE-2021-24447

The CVE covers the WordPress plugin WP Image Zoom, vulnerable before version 1.47. The root cause is lack of validation of the tab parameter used in include_once(), leading to a Local File Inclusion in the admin dashboard. Public sources consistently describe a local file inclusion vulnerability,...

5.3CVSS5.1AI score0.01375EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/23 12:0 a.m.20 views

WP Image Zoom < 1.47 - Local File Inclusion

The plugin did not validate its tab parameter before using it in the includeonce function, leading to a local file inclusion issue in the admin dashboard PoC PoC: https://example.com/wp-admin/admin.php?page=zoooomsettings=whatever This URL shows includeonce error, which indicates that the paramet...

5CVSS0.1AI score0.01375EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/06/23 12:0 a.m.891 views

WP Image Zoom < 1.47 - Local File Inclusion

The plugin did not validate its tab parameter before using it in the includeonce function, leading to a local file inclusion issue in the admin dashboard PoC: https://example.com/wp-admin/admin.php?page=zoooomsettings&tab=whatever This URL shows includeonce error, which indicates that the paramet...

5CVSS0.4AI score0.01375EPSS
Exploits2
NVD
NVD
added 2018/06/26 4:29 p.m.11 views

CVE-2018-1000510

WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Can be triggered intentionally or unintentionally via CSRF by any logged in user. This vulnerability...

6.5CVSS6.5AI score0.01001EPSS
Exploits1References1
CVE
CVE
added 2018/06/26 4:0 p.m.51 views

CVE-2018-1000510

WP Image Zoom (WordPress plugin) version 1.23 contains an Incorrect Access Control vulnerability in the AJAX settings that allows any logged-in user to trigger a denial-of-service. The issue is triggered via CSRF and can be exploited intentionally or unintentionally; the vulnerability is mitigate...

6.5CVSS6.4AI score0.01001EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.20 views

CVE-2018-1000510

WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Can be triggered intentionally or unintentionally via CSRF by any logged in user. This vulnerability...

6.5AI score0.01001EPSS
Exploits1References1
0day.today
0day.today
added 2018/04/11 12:0 a.m.56 views

WordPress Image Zoom 1.23 Plugin Denial Of Service Vulnerability

Exploit for php platform in category web applications Details ================ Software: WP Image Zoom Version: 1.23 Homepage: http://wordpress.org/plugins/wp-image-zoooom/ Advisory report: https://advisories.dxw.com/advisories/wp-image-zoom-dos/ CVE: Awaiting assignment CVSS: 7.5 High;...

0.2AI score
Exploits0
WPVulnDB
WPVulnDB
added 2018/03/29 12:0 a.m.8 views

WP Image Zoom <= 1.23 - Cross-Site Request Forgery (CSRF)

The WP Image Zoom WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...

3.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.15 views

WordPress Wp Image Zoom Plugin <= 1.0.3 - PHP Code Execution

This plugin is prone to download.php file upload PHP code execution vulnerability. Solution Update plugin...

2.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder