Show filters
64 Total Results
Displaying 51-60 of 64
Sort by:
Attacker Value
Unknown
CVE-2022-38356
Disclosure Date: May 25, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions.
0
Attacker Value
Unknown
CVE-2022-3989
Disclosure Date: December 12, 2022 (last updated October 08, 2023)
The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload.
0
Attacker Value
Unknown
CVE-2022-25615
Disclosure Date: April 11, 2022 (last updated February 23, 2025)
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.
0
Attacker Value
Unknown
CVE-2022-25614
Disclosure Date: April 11, 2022 (last updated February 23, 2025)
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings.
0
Attacker Value
Unknown
CVE-2022-0441
Disclosure Date: March 07, 2022 (last updated February 23, 2025)
The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin
0
Attacker Value
Unknown
CVE-2021-36879
Disclosure Date: July 27, 2021 (last updated February 23, 2025)
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.
0
Attacker Value
Unknown
CVE-2021-36878
Disclosure Date: July 27, 2021 (last updated February 23, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings.
0
Attacker Value
Unknown
CVE-2021-36877
Disclosure Date: July 27, 2021 (last updated February 23, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
0
Attacker Value
Unknown
CVE-2021-36876
Disclosure Date: July 27, 2021 (last updated February 23, 2025)
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages.
0
Attacker Value
Unknown
CVE-2021-36875
Disclosure Date: July 27, 2021 (last updated February 23, 2025)
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). Vulnerable parameters: &filter[id], &filter[user], &filter[expired_date], &filter[created_date], &filter[updated_date].
0
