Skip to main content
CVE-2019-15826 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15825 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15824 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15823 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
8.6%
CVE-2019-15819 CRITICAL POC Act Now

The nd-restaurant-reservations plugin before 1.5 for WordPress has no requirement for nd_rst_import_settings_php_function authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Restaurant Reservations
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2019-15822 CRITICAL Act Now

The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Path Traversal WordPress Wps Child Theme Generator
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2019-5608 CRITICAL PATCH Act Now

In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Freebsd Clustered Data Ontap
NVD
CVSS 3.1
9.8
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy