Lucene search
+L

87 matches found

NVD
NVD
added 2024/05/17 9:15 a.m.23 views

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1...

5.3CVSS5.3AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2024/05/17 7:15 a.m.28 views

CVE-2022-44581

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

9.8CVSS5.2AI score0.00679EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 6:27 a.m.14 views

CVE-2022-44581 WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

5CVSS7AI score0.00679EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.7 views

PT-2024-21025 · Wpmu Dev · Wpmu Dev Defender Security

Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions through 4.4.1 Description: The issue is related to an Authentication Bypass by Spoofing, allowing functionality bypass. Recommendations: For versions through 4.4.1, update to a version later than 4.4.1 to...

5.3CVSS9.2AI score0.0041EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.6 views

PT-2024-11680 · Wpmu Dev · Wpmu Dev Defender Security

Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions n/a through 3.3.2 Description: The issue affects the storage of sensitive information, allowing access to screen temporary files that may contain sensitive data. This is a result of insecure storage practic...

9.8CVSS6AI score0.00679EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.13 views

WordPress Hummingbird Plugin <= 3.7.3 is vulnerable to Broken Access Control

Software Hummingbird Type Plugin Vulnerable versions = 3.7.3 Fixed in 3.7.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32792 Patch priority Low CVSS severity Low 4.3 Developer WPMU DEV PSID 9b701eb20e44 Credits Peng Zhou Required privilege...

5.3CVSS6.6AI score0.00283EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/27 1:15 p.m.23 views

CVE-2024-29777

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator.This issue affects Forminator: from n/a through = 1.29.0...

7.1CVSS6.9AI score0.00426EPSS
Exploits0References2
CVE
CVE
added 2024/03/27 1:0 p.m.72 views

CVE-2024-29777

CVE-2024-29777 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Forminator (WPMU DEV) up to version 1.29.0. The issue arises from improper input neutralization during web page generation. Affected: Forminator

7.1CVSS7.2AI score0.00426EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.5 views

PT-2024-23019 · Wpmu Dev · Wpmu Dev Forminator

Name of the Vulnerable Software and Affected Versions: WPMU DEV Forminator versions 1.29.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

7.1CVSS9.3AI score0.00426EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/03/25 12:0 a.m.17 views

WordPress Forminator Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)

Software Forminator Type Plugin Vulnerable versions = 1.29.0 Fixed in 1.29.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29777 Patch priority Medium CVSS severity Medium 7.1 Developer WPMU DEV PSID 4c3587917921 Credits Rafie Muhammad Patchstack Required privile...

7.1CVSS6.8AI score0.00426EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/15 2:15 p.m.15 views

CVE-2024-25592

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a through 2.2.3...

5.9CVSS5.7AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/03/15 1:56 p.m.64 views

CVE-2024-25592

CVE-2024-25592 affects WordPress Broken Link Checker plugin (versions through 2.2.3). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored XSS vulnerability on sites using Broken Link Checker up to 2.2.3; CVSS base metrics in listed sources ...

5.9CVSS8.5AI score0.00339EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/01/08 9:15 p.m.23 views

CVE-2023-51490

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...

7.5CVSS6AI score0.0048EPSS
Exploits0References1
Prion
Prion
added 2024/01/08 9:15 p.m.20 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...

5CVSS7AI score0.0048EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/08 8:17 p.m.57 views

CVE-2023-51490

CVE-2023-51490 affects the WordPress Defender Security plugin by WPMU DEV, impacting Defender Security – Malware Scanner, Login Security & Firewall up to version 4.1.0. Root cause: Exposure of sensitive information to an unauthorized actor. The CVE is marked as patched in the sources. Remediation...

7.5CVSS7.8AI score0.0048EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/08 8:17 p.m.5 views

CVE-2023-51490 WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...

5.3CVSS5.9AI score0.0048EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.14 views

WordPress Branda Plugin <= 3.4.14 is vulnerable to Bypass Vulnerability

Software Branda Type Plugin Vulnerable versions = 3.4.14 Fixed in 3.4.15 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-51542 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 6298c3f8ebb2 Credits Brandon Roldan Required privilege...

5.3CVSS6.5AI score0.00372EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/15 12:0 a.m.20 views

WordPress Forminator Plugin <= 1.27.0 is vulnerable to Arbitrary File Upload

Software Forminator Type Plugin Vulnerable versions = 1.27.0 Fixed in 1.28.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6133 Patch priority Low CVSS severity Low 6.6 Developer WPMU DEV PSID e543496c8db2 Credits István Márton Required privilege Administrator...

6.6CVSS6.8AI score0.00866EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/03 12:0 a.m.25 views

WordPress Defender Security Plugin <= 4.2.0 is vulnerable to Bypass Vulnerability

Software Defender Security Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-47189 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 9d721f7eb609 Credits Naveen Muthusamy Required...

9.8CVSS6.6AI score0.00451EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/09/06 12:0 a.m.32 views

WordPress Defender Security Plugin < 4.1.0 is vulnerable to Bypass Vulnerability

Software Defender Security Type Plugin Vulnerable versions 4.1.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-5089 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e45ed857552b Credits Juan Pablo Gomez Postigo Required...

5.3CVSS6.9AI score0.02235EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder