Unauthenticated remote brute-force of the Dbit N300 T1 Pro wireless router (firmware V1.0.0) is trivially achievable because the /api/login endpoint imposes no rate limiting, account lockout, or throttling of any kind. Any attacker with network access to the management interface can attempt unlimited password guesses until admin credentials are found. A publicly available proof-of-concept exploit exists on GitHub; however, EPSS at 0.29% (21st percentile) and absence from CISA KEV suggest exploitation remains limited in practice, likely constrained by the product's small market footprint.
PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Stored cross-site scripting (XSS) in ThemeNectar Salient Shortcodes WordPress plugin through version 1.5.4 allows authenticated users with low privileges to inject malicious scripts that execute in the context of higher-privileged administrators or other site visitors. The vulnerability requires user interaction (UI:R in CVSS vector) and affects the shortcode generation functionality, enabling persistence of malicious payloads in page content. EPSS score of 0.06% indicates low real-world exploitation probability despite the moderate CVSS 6.5 rating.
Stored cross-site scripting (XSS) in VK Google Job Posting Manager WordPress plugin versions up to 1.2.22 allows authenticated users with low privileges to inject malicious scripts that execute in the context of other users' browsers, potentially compromising site administrators. The vulnerability requires user interaction (clicking a link or viewing a malicious page) to trigger payload execution and affects the plugin's web page generation functionality. EPSS probability of exploitation is notably low at 0.04%, suggesting this is primarily a theoretical risk without documented active exploitation.
Stored cross-site scripting (XSS) in Premio Stars Testimonials WordPress plugin versions 3.3.4 and below allows authenticated users to inject malicious scripts that execute in the context of other users' browsers, potentially compromising site administrators or visitors. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting immediate risk, but the stored nature means injected payloads persist and affect multiple users. No public exploit code or active KEV status is documented, though the 6.5 CVSS score reflects moderate severity when considering cross-site impact.
Authorization bypass in Essential Real Estate WordPress plugin versions through 5.2.9 allows authenticated users to access sensitive real estate data they should not have permission to view through user-controlled key manipulation. The vulnerability exploits incorrectly configured access control at the application level, enabling privilege escalation from a standard user account to view confidential information such as property details or pricing. No public exploit code has been identified, and the EPSS score of 0.04% indicates low exploitation probability despite the CVSS 6.5 severity rating.
Keycloak's admin API endpoints for authorization resource management contain an IDOR vulnerability allowing authenticated administrators with fine-grained permissions for one client to delete or modify resources belonging to other clients within the same realm. The flaw exists in ResourceSetService and PermissionTicketService where authorization checks validate the resourceServer (client) ID from the API request, but backend database operations use only the resourceId, creating a permission bypass. Affected administrators can exploit this with standard HTTP requests to cross-client resource boundaries; no public exploit code identified at time of analysis.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows DOM-Based XSS.This issue affects Document Library Lite: from n/a through <= 1.1.7.
Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.This issue affects Kerge: from n/a through <= 4.1.3.
Authenticated users with limited privileges can modify plugin settings and access functionality they should not have access to via missing authorization checks in Buttoner for Elementor through version 1.0.6. The vulnerability requires valid WordPress user credentials but no administrative role, allowing privilege escalation within the plugin's configuration interface. EPSS score of 0.05% indicates low exploitation probability despite network accessibility.
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through <= 4.3.3.
Missing authorization in NinjaTeam FileBird Pro WordPress plugin versions up to 6.5.1 allows authenticated users to access and modify files they should not have permission to view or edit due to incorrectly configured access control security levels. The vulnerability requires valid user credentials but can lead to disclosure and modification of sensitive files within the plugin's file management interface. EPSS exploitation probability is low at 0.04%, and no public exploit code has been identified at the time of analysis.
Cross-Site Request Forgery (CSRF) vulnerability in Meks Meks Quick Plugin Disabler meks-quick-plugin-disabler allows Cross Site Request Forgery.This issue affects Meks Quick Plugin Disabler: from n/a through <= 1.0.
Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32.
Broken access control in ThemeFusion Avada WordPress theme through version 7.13.2 allows authenticated attackers with low privileges to access functionality improperly constrained by access control lists, potentially achieving full site compromise. With CVSS 8.8 (High) due to network-based access requiring only low-privilege authentication, attackers can achieve high confidentiality, integrity, and availability impact. EPSS probability remains low at 0.06% (18th percentile), and no public exploit identified at time of analysis, suggesting limited immediate exploitation risk despite the critical CVSS rating.
Insertion of Sensitive Information Into Sent Data vulnerability in wowpress.host Fix Media Library wow-media-library-fix allows Retrieve Embedded Sensitive Data.This issue affects Fix Media Library: from n/a through <= 2.0.
Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through <= 1.1.7.
Missing Authorization vulnerability in favethemes Homey Core homey-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Homey Core: from n/a through <= 2.4.3.
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.7.
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8.
Missing Authorization vulnerability in CatFolders CatFolders catfolders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CatFolders: from n/a through <= 2.5.3.
Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnPay.io for WooCommerce: from n/a through <= 1.0.47.
Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1.
Missing Authorization vulnerability in Design Stylish Price List stylish-price-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stylish Price List: from n/a through <= 7.2.2.
Missing Authorization vulnerability in Syed Balkhi Feeds for YouTube feeds-for-youtube allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Feeds for YouTube: from n/a through <= 2.4.0.
Broken access control in Yaad Sarig Payment Gateway for WooCommerce (versions ≤2.2.11) allows unauthenticated remote attackers to bypass authorization checks and gain unauthorized access to payment gateway functions. With CVSS 9.1 (Critical) scoring reflecting network-accessible exploitation requiring no privileges or user interaction, attackers can read or modify sensitive payment data. EPSS score of 0.04% (14th percentile) suggests low observed exploitation probability despite severity. No public exploit identified at time of analysis, though the authentication bypass tag indicates potential for unauthorized transaction manipulation or data exposure in WordPress e-commerce environments.
Unauthenticated remote attackers can bypass access controls in ZEEN101 Leaky Paywall WordPress plugin versions up to 4.22.6, gaining unauthorized access to restricted content through incorrectly configured security levels. The vulnerability requires no user interaction and can be exploited over the network, though it is limited to information disclosure (CVSS 5.3, EPSS 0.04%). No public exploit code or active exploitation has been identified at time of analysis.
Missing authorization in WP Compress for MainWP plugin versions up to 6.50.17 allows unauthenticated remote attackers to modify plugin settings due to incorrectly configured access control, affecting integrity of compressed content and plugin configuration without requiring authentication or user interaction.
Unauthenticated remote attackers can access sensitive sitemap data in Google XML Sitemaps WordPress plugin versions through 4.1.22 due to missing authorization checks on sitemap endpoints. The vulnerability allows unauthorized information disclosure of site structure and indexed pages without requiring authentication or user interaction. While the CVSS score is moderate (5.3), real-world exploitation probability is very low (EPSS 0.04th percentile), suggesting this is primarily an information disclosure risk rather than an active threat.
Authorization bypass in FAPI Member WordPress plugin through version 2.2.29 allows unauthenticated remote attackers to access or modify resources via insecure direct object references (IDOR) exploiting misconfigured access control security levels. The vulnerability requires no authentication, low attack complexity, and results in confidentiality and integrity impact without availability compromise. EPSS score of 0.04% indicates minimal real-world exploitation probability despite the moderate CVSS score.
Missing authorization in g5theme Essential Real Estate WordPress plugin version 5.2.9 and earlier allows authenticated users to access or modify restricted resources by exploiting inadequately configured access controls. An attacker with low-privilege WordPress account credentials can leverage the broken access control to view sensitive information and make unauthorized modifications without requiring administrative approval. No public exploit code is currently identified, though the vulnerability is documented in the Patchstack security database.
Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TI WooCommerce Wishlist: from n/a through <= 2.10.0.
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19.
WCFM Marketplace plugin through version 3.7.1 fails to properly enforce authorization controls, allowing authenticated users with limited privileges to cause denial of service or access functionality they should not have. The vulnerability affects the WordPress plugin across all installations through the specified version, exploiting incorrectly configured access control security levels via network-accessible endpoints. With an EPSS score of 0.05% and low real-world exploitation probability, this represents a privilege escalation risk primarily for multi-vendor marketplace administrators.
Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3.
Open redirect vulnerability in wpWax Directorist WordPress plugin versions up to 8.6.6 allows unauthenticated remote attackers to redirect users to arbitrary external websites via crafted URL parameters, enabling phishing attacks. The vulnerability requires user interaction (clicking a malicious link) but has a network attack vector with low complexity. EPSS exploitation probability is very low at 0.04%, and no active exploitation or public proof-of-concept has been identified.
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through <= 3.0.8.
Missing Authorization vulnerability in netopsae Accessibility by AudioEye accessibility-by-audioeye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility by AudioEye: from n/a through <= 1.0.49.
Missing Authorization vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import external attachments: from n/a through <= 1.5.12.
Missing Authorization vulnerability in Codexpert, Inc Restrict Elementor Widgets, Columns and Sections restrict-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Elementor Widgets, Columns and Sections: from n/a through <= 1.12.
Missing Authorization vulnerability in Imtiaz Rayhan WP Coupons and Deals wp-coupons-and-deals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Coupons and Deals: from n/a through <= 3.2.4.
Missing Authorization vulnerability in NicolasKulka WPS Bidouille wps-bidouille allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPS Bidouille: from n/a through <= 1.33.1.
Missing Authorization vulnerability in sonalsinha21 SKT Page Builder skt-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SKT Page Builder: from n/a through <= 4.9.
Missing authorization in the WordPress Read More & Accordion plugin (expand-maker) versions 3.5.5.1 and earlier allows authenticated users to access restricted functionality through incorrectly configured access controls, potentially revealing sensitive information. The vulnerability requires user authentication and network access but carries a CVSS score of 6.5 due to high confidentiality impact, though real-world exploitation probability remains low at 0.04% EPSS. No public exploit code or active exploitation has been identified at time of analysis.
Inadequately configured access control in Easy Property Listings WordPress plugin versions 3.5.21 and earlier allows authenticated users to access sensitive information they should not be authorized to view. An authenticated attacker with user-level privileges can bypass authorization checks to read property listing data or other restricted content due to missing authorization validation on API endpoints or functionality. EPSS exploitation probability is very low at 0.04%, and no public exploit code has been identified, indicating limited real-world threat despite the authentication-bypass tag.
Authenticated users with limited privileges can access search and replace functionality in CM On Demand Search And Replace WordPress plugin (versions up to 1.5.5) due to missing authorization checks on restricted features. An attacker with basic user credentials can perform privileged actions intended only for administrators, affecting data confidentiality through unauthorized content access. This is confirmed as an authentication bypass vulnerability with low real-world exploitation probability (EPSS 0.04%) despite the missing authorization flaw.
Cross-Site Request Forgery (CSRF) vulnerability in Yoav Farhi RTL Tester rtl-tester allows Cross Site Request Forgery.This issue affects RTL Tester: from n/a through <= 1.2.