CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Vulnrichment•added 2025/05/19 7:50 p.m.•5 views

CVE-2025-39350 WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability

Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...

8.2CVSS6.9AI score0.00308EPSS

Exploits0References1

Cvelist•added 2025/05/19 7:50 p.m.•12 views

CVE-2025-39350 WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability

Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...

8.2CVSS0.00308EPSS

Exploits0References1

Vulnrichment•added 2025/05/19 7:40 p.m.•3 views

CVE-2025-39365 WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rocket Apps wProject allows Reflected XSS.This issue affects wProject: from n/a before 5.8.0...

7.1CVSS6.9AI score0.00185EPSS

Exploits0References1

Vulnrichment•added 2025/05/19 7:39 p.m.•3 views

CVE-2025-39366 WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...

8.8CVSS7AI score0.00254EPSS

Exploits0References1

Patchstack•added 2025/04/22 12:37 p.m.•1 views

WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability

Subscriber+ Privilege Escalation vulnerability discovered by Dave Jong Patchstack in WordPress Theme wProject versions 5.8.0...

8.8CVSS7AI score0.00254EPSS

Exploits0Affected Software1

Patchstack•added 2025/04/22 12:33 p.m.•3 views

WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability

Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Theme wProject versions 5.8.0...

8.2CVSS7AI score0.00308EPSS

Exploits0Affected Software1

Patchstack•added 2025/04/22 12:32 p.m.•1 views

WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Theme wProject versions 5.8.0...

7.1CVSS6.1AI score0.00185EPSS

Exploits0Affected Software1

Patchstack•added 2025/04/22 12:0 a.m.•3 views

WordPress wProject Theme < 5.8.0 is vulnerable to Privilege Escalation

Software wProject Type Theme Vulnerable versions 5.8.0 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2025-39366 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID dc57f98abe0c Credits Dave Jong Patchstack Required privileg...

8.8CVSS6.4AI score0.00254EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/04/22 12:0 a.m.•7 views

WordPress wProject Theme < 5.8.0 is vulnerable to Settings Change

Software wProject Type Theme Vulnerable versions 5.8.0 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2025-39350 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 99c3c6211330 Credits Dave Jong Patchstack Required privilege...

8.2CVSS6.4AI score0.00308EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by