cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9187,https://securityvulnerability.io/vulnerability/CVE-2024-9187,Unauthorized Loss of Data Vulnerability in Read more By Adam Plugin for WordPress,"The Read more By Adam plugin for WordPress has a vulnerability that enables authenticated users to delete essential data due to an inadequate capability check in the deleteRm() function. This affects all versions up to and including 1.1.8, allowing individuals with Subscriber-level access and above to remove crucial read more buttons, potentially disrupting website functionality and user experience. Website administrators are advised to update the plugin promptly to mitigate risks associated with unauthorized data modifications.",Wordpress,Read More By Adam,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-12T05:39:39.961Z,0
CVE-2023-3392,https://securityvulnerability.io/vulnerability/CVE-2023-3392,Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection,"The Read More & Accordion plugin for WordPress prior to version 3.2.7 contains a vulnerability that allows high-privilege users, such as administrators, to manipulate unserialized user input through the settings. This flaw could enable attackers to perform PHP Object Injection exploits, leading to potential unauthorized code execution if a suitable gadget is available. It is crucial for users to upgrade to the latest version to mitigate risks associated with this vulnerability.",Wordpress,Read More & Accordion,7.2,HIGH,0.0008399999933317304,false,,false,false,false,,false,false,2023-10-16T09:15:00.000Z,0
CVE-2023-1068,https://securityvulnerability.io/vulnerability/CVE-2023-1068,Cross-Site Request Forgery Vulnerability in Download Read More Excerpt Link Plugin for WordPress,"The Download Read More Excerpt Link plugin for WordPress is affected by a Cross-Site Request Forgery vulnerability in versions up to 1.6.0. A lack of adequate nonce validation in the read_more_excerpt_link_menu_options() function allows attackers to exploit this vulnerability. By sending forged requests, an unauthenticated attacker could manipulate plugin settings if they successfully trick an administrator into taking an action, such as clicking on a malicious link. This could lead to unauthorized changes that may compromise the integrity of the WordPress site.",Wordpress,Read More Excerpt Link,4.3,MEDIUM,0.0006500000017695129,false,,false,false,false,,false,false,2023-02-27T14:15:00.000Z,0
CVE-2022-38085,https://securityvulnerability.io/vulnerability/CVE-2022-38085,WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability,Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam plugin <= 1.1.8 at WordPress.,Wordpress,Read More By Adam (WordPress Plugin),5.4,MEDIUM,0.0010100000072270632,false,,false,false,false,,false,false,2022-09-23T15:15:00.000Z,0
CVE-2018-5669,https://securityvulnerability.io/vulnerability/CVE-2018-5669,,An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php.,Wordpress,Read And Understood,8.8,HIGH,0.004430000204592943,false,,false,false,false,,false,false,2018-01-13T00:29:00.000Z,0
CVE-2018-5668,https://securityvulnerability.io/vulnerability/CVE-2018-5668,,An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_title parameter.,Wordpress,Read And Understood,4.8,MEDIUM,0.0007300000288523734,false,,false,false,false,,false,false,2018-01-13T00:29:00.000Z,0
CVE-2018-5667,https://securityvulnerability.io/vulnerability/CVE-2018-5667,,An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_pattern parameter.,Wordpress,Read And Understood,4.8,MEDIUM,0.0007300000288523734,false,,false,false,false,,false,false,2018-01-13T00:29:00.000Z,0