WordPress MimeTypes Link Icons plugin <= 3.2.20 - Authenticated (Contributor+) Server-Side Request Forgery via Crafted Links in Post Content vulnerability

Authenticated Contributor+ Server-Side Request Forgery via Crafted Links in Post Content vulnerability discovered by Kai Aizen in WordPress Plugin MimeTypes Link Icons versions = 3.2.20...

CVE-2026-1313 MimeTypes Link Icons <= 3.2.20 - Authenticated (Contributor+) Server-Side Request Forgery via Crafted Links in Post Content

The MimeTypes Link Icons plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.2.20. This is due to the plugin making outbound HTTP requests to user-controlled URLs without proper validation when the "Show file size" option is enabled. This make...

CVE-2026-1313 MimeTypes Link Icons <= 3.2.20 - Authenticated (Contributor+) Server-Side Request Forgery via Crafted Links in Post Content

The MimeTypes Link Icons plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.2.20. This is due to the plugin making outbound HTTP requests to user-controlled URLs without proper validation when the "Show file size" option is enabled. This make...

CVE-2026-1321

The CVE-2026-1321 entry affects the WordPress plugin “Membership Plugin – Restrict Content” (Restrict Content) and describes an unauthenticated privilege-escalation in all versions up to 3.2.20. The root cause is that rcp_setup_registration_init() accepts any membership level ID via the rcp_level...

WordPress Membership plugin - Restrict Content plugin <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level' vulnerability

WordPress Membership plugin - Restrict Content plugin = 3.2.20 - Unauthenticated Privilege Escalation via 'rcplevel' vulnerability discovered by shark3y in WordPress Plugin Restrict Content versions = 3.2.20...

WordPress plugin Membership Plugin – Restrict Content 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

CVE-2026-24957 WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

EUVD-2026-5221

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

CVE-2026-24957 WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

WordPress plugin Strong Testimonials 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-6224

Name of the Vulnerable Software and Affected Versions WP Chill Strong Testimonials versions through 3.2.20 Description A missing authorization issue exists in WP Chill Strong Testimonials, allowing exploitation of incorrectly configured access control security levels. Recommendations Update WP...

WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Strong Testimonials versions = 3.2.20...

CVE-2025-58957

Missing Authorization vulnerability in Vikas Ratudi VPSUForm v-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VPSUForm: from n/a through = 3.2.20...

CVE-2025-58957

Missing Authorization vulnerability in Vikas Ratudi VPSUForm v-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VPSUForm: from n/a through = 3.2.20...

WordPress VPSUForm Plugin <= 3.2.20 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Legion Hunter in WordPress Plugin VPSUForm versions = 3.2.20...

CVE-2025-58957 WordPress VPSUForm Plugin <= 3.2.20 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Vikas Ratudi VPSUForm v-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VPSUForm: from n/a through = 3.2.20...

CVE-2025-58957 WordPress VPSUForm Plugin <= 3.2.20 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Vikas Ratudi VPSUForm v-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VPSUForm: from n/a through = 3.2.20...

CVE-2025-58957

Technical details about CVE-2025-58957 are not provided in the connected documents. The description mentions a Missing Authorization issue in VPSUForm