Lucene search
K

5 matches found

NVD
NVD
added 2025/06/06 1:15 p.m.3 views

CVE-2025-28954

Cross-Site Request Forgery CSRF vulnerability in wphobby Backwp backwp allows Path Traversal.This issue affects Backwp: from n/a through = 2.0.2...

7.4CVSS0.00166EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:54 p.m.42 views

CVE-2025-28954

CVE-2025-28954 (Backwp) is a CSRF vulnerability in the Backwp plugin for WordPress, affecting versions up to 2.0.2. The CVSS 3.1 base score is 7.4 (HIGH) with network access, require user interaction, and impact limited to availability (C) with availability impact HIGH. Root cause and exact explo...

7.4CVSS5.9AI score0.00166EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress WPHobby Demo Import Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software WPHobby Demo Import Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1dee08a5293 Credits Rafie Muhammad Patchstack...

6.4AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.18 views

WordPress WPHobby Demo Import plugin <= 1.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WPHobby Demo Import plugin versions = 1.1.2. Solution No patched version available...

4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress WPHobby Demo Import plugin <= 1.1.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WPHobby Demo Import plugin versions = 1.1.2. Solution No patched version available...

2.4AI score
Exploits0References2Affected Software1
Rows per page
Query Builder