Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-05-14

CVE-2024-13688 - Admin And Site Enhancements Plugin

The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing attacker to bypass the protection offered via a crafted request

PLUGIN Admin And Site Enhancements

CVE-2024-13688

MEDIUM CVSS 5.3 2025-04-28

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-14

CVE-2024-13685 - Admin And Site Enhancements Plugin

The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10.

PLUGIN Admin And Site Enhancements

CVE-2024-13685

MEDIUM CVSS 5.3 2025-03-04

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-13688 - Admin And Site Enhancements Plugin

CVE-2024-13685 - Admin And Site Enhancements Plugin

Company Links

Contact Us