Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-2989

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:36 a.m.7 views

CVE-2025-22779

Missing Authorization vulnerability in codeaffairs WP News Sliders wp-news-sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through = 1.0...

4.3CVSS7.2AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.6 views

CVE-2023-0502

The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.5CVSS6.5AI score0.00326EPSS
Exploits2References1
NVD
NVD
added 2025/01/15 4:15 p.m.10 views

CVE-2025-22779

Missing Authorization vulnerability in codeaffairs WP News Sliders wp-news-sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through = 1.0...

4.3CVSS0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/15 3:23 p.m.13 views

CVE-2025-22779 WordPress WP News Sliders plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in codeaffairs WP News Sliders wp-news-sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through = 1.0...

4.3CVSS8.5AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 3:23 p.m.21 views

CVE-2025-22779 WordPress WP News Sliders plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in codeaffairs WP News Sliders wp-news-sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through = 1.0...

4.3CVSS0.00243EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/11/09 12:0 a.m.10 views

WordPress WP News and Scrolling Widgets Plugin <= 4.8 is vulnerable to Broken Access Control

Software WP News and Scrolling Widgets Type Plugin Vulnerable versions = 4.8 Fixed in 4.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID a844c6c0c8f3 Credits Abdi Pranata...

5.9AI score0.00188EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/03/27 4:15 p.m.17 views

CVE-2023-0502

The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.5CVSS6.4AI score0.00326EPSS
Exploits2References1
OSV
OSV
added 2023/03/27 4:15 p.m.2 views

CVE-2023-0502

The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.5CVSS7AI score0.00326EPSS
Exploits2References1
Prion
Prion
added 2023/03/27 4:15 p.m.11 views

Cross site request forgery (csrf)

The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

4.3CVSS6.4AI score0.00326EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/03/27 3:37 p.m.59 views

CVE-2023-0502

The CVE-2023-0502 entry concerns the WordPress WP News plugin (versions up to 1.1.9) lacking CSRF protection when activating plugins. Root cause is missing CSRF validation on the plugin_activation workflow, allowing an authenticated attacker to trigger activation of arbitrary plugins via CSRF. Im...

6.5CVSS6.3AI score0.00326EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/27 3:37 p.m.7 views

CVE-2023-0502 WP News <= 1.1.9 - Arbitrary Plugin Activation via CSRF

The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.4AI score0.00326EPSS
Exploits2References1
Rows per page
Query Builder