Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-01-07

CVE-2024-12176 - Wordlift Plugin

The WordLift – AI powered SEO – Schema plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'wl_config_plugin' AJAX action in all versions up to, and including, 3.54.0. This makes it possible for unauthenticated attackers to update the plugin's settings.

PLUGIN Wordlift

CVE-2024-12176

MEDIUM CVSS 5.3 2025-01-07

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-22

CVE-2022-3069 - Wordlift Plugin

The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

PLUGIN Wordlift

CVE-2022-3069

MEDIUM CVSS 4.8 2022-09-26

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-12176 - Wordlift Plugin

CVE-2022-3069 - Wordlift Plugin

Company Links

Contact Us