Aggregator

CVE-2024-13425 | wpjobportal WP Job Portal Plugin up to 2.2.6 on WordPress enforcedelete authorization

VulDB Recent Entries
7 months 3 weeks ago
A vulnerability has been found in wpjobportal WP Job Portal Plugin up to 2.2.6 on WordPress and classified as problematic. Affected by this vulnerability is the function enforcedelete. The manipulation leads to authorization bypass. This vulnerability is known as CVE-2024-13425. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-13343 | Vanquish WooCommerce Customers Manager Plugin up to 31.3 on WordPress ajax_assign_new_roles privileges management

VulDB Recent Entries
7 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Vanquish WooCommerce Customers Manager Plugin up to 31.3 on WordPress. Affected is the function ajax_assign_new_roles. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2024-13343. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-12184 | Cimatti Contact Forms Plugin up to 1.9.4 on WordPress accua_forms_download_submitted_file authorization

VulDB Recent Entries
7 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Cimatti Contact Forms Plugin up to 1.9.4 on WordPress. This issue affects the function accua_forms_download_submitted_file. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-12184. The attack may be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-0366 | artbees Jupiter X Core Plugin up to 4.8.7 on WordPress SVG File get_svg filename control

VulDB Recent Entries
7 months 3 weeks ago
A vulnerability classified as critical was found in artbees Jupiter X Core Plugin up to 4.8.7 on WordPress. This vulnerability affects the function get_svg of the component SVG File Handler. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability was named CVE-2025-0366. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2024-12102 | seventhqueen Typer Core Plugin up to 1.9.6 on WordPress Shortcode elementor-template authorization

Vuldb Updates
7 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in seventhqueen Typer Core Plugin up to 1.9.6 on WordPress. Affected by this issue is the function elementor-template of the component Shortcode Handler. The manipulation leads to authorization bypass. This vulnerability is handled as CVE-2024-12102. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-12269 | enamulwp Safe Ai Malware Protection for WP Plugin up to 1.0.17 on WordPress export_db authorization

Vuldb Updates
7 months 3 weeks ago
A vulnerability was found in enamulwp Safe Ai Malware Protection for WP Plugin up to 1.0.17 on WordPress and classified as critical. This issue affects the function export_db. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-12269. The attack may be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-23367 | Red Hat Build of Keycloak Wildfly Server Role Based Access Control Provider access control

Vuldb Updates
7 months 3 weeks ago
A vulnerability classified as critical was found in Red Hat Build of Keycloak, Data Grid, Fuse, JBoss Data Grid, JBoss Enterprise Application Platform, JBoss Enterprise Application Platform Expansion Pack, Process Automation and Single Sign-On. Affected by this vulnerability is an unknown functionality of the component Wildfly Server Role Based Access Control Provider. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-23367. The attack can be launched remotely. There is no exploit available.
vuldb.com

Managed ad