CVE-2023-32587

Cross-Site Request Forgery CSRF vulnerability in WP Reactions, LLC WP Reactions Lite plugin = 1.3.8 versions...

CVE-2025-32587

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in pickupp WooCommerce Pickupp wc-pickupp allows PHP Local File Inclusion.This issue affects WooCommerce Pickupp: from n/a through = 2.4.3...

CVE-2025-32587

creationtimestamp| type| source ---|---|--- 2025-04-11 11:48:36+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114319171016417004...

CVE-2025-32587

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in pickupp WooCommerce Pickupp wc-pickupp allows PHP Local File Inclusion.This issue affects WooCommerce Pickupp: from n/a through = 2.4.3...

CVE-2025-32587

CVE-2025-32587 is an unauthenticated path traversal leading to local file inclusion in WooCommerce Pickupp (WooCommerce Pickupp plugin) up to version 2.4.0. The vulnerability is a path traversal flaw that could result in sensitive file access, with CVSS 3.1 metrics indicating network attack, high...

CVE-2025-32587 WordPress WooCommerce Pickupp plugin <= 2.4.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in pickupp WooCommerce Pickupp wc-pickupp allows PHP Local File Inclusion.This issue affects WooCommerce Pickupp: from n/a through = 2.4.3...

WordPress WooCommerce Pickupp plugin <= 2.4.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin WooCommerce Pickupp versions = 2.4.3...

CVE-2024-32587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2...

CVE-2024-32587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2...

CVE-2024-32587 WordPress EnvíaloSimple plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2...

CVE-2024-32587

CVE-2024-32587 affects EnvialoSimple EnvíaloSimple (WordPress plugin) with a Reflected XSS in the plugin’s web page generation. Affected range: EnvíaloSimple from n/a through 2.2; connected Red Hat/ENISA entries confirm the cross-site scripting issue. The Wordfence vulnerability record shows a PA...

WordPress EnvíaloSimple Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software EnvíaloSimple Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32587 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID ce11fde5722d Credits Yudistira Arya Required privilege...

CVE-2023-32587

Cross-Site Request Forgery CSRF vulnerability in WP Reactions, LLC WP Reactions Lite plugin = 1.3.8 versions...

CVE-2023-32587

CVE-2023-32587 describes a Cross-Site Request Forgery (CSRF) in the WP Reactions Lite plugin for WordPress, affected versions

CVE-2023-32587 WordPress WP Reactions Lite Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WP Reactions, LLC WP Reactions Lite plugin = 1.3.8 versions...

WordPress WP Reactions Lite Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Reactions Lite Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32587 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b436a9de7ad3 Credits István Márton...

CVE-2022-32587

Cross-Site Request Forgery CSRF vulnerability in CodeAndMore WP Page Widget plugin = 3.9 on WordPress leading to plugin settings change...

CVE-2022-32587

Summary: CVE-2022-32587 affects the CodeAndMore WP Page Widget plugin for WordPress, specifically versions &lt;= 3.9, due to a CSRF weakness that allows changes to plugin settings. Affected software: CodeAndMore WP Page Widget plugin (WordPress)

CVE-2022-32587 WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in CodeAndMore WP Page Widget plugin = 3.9 on WordPress leading to plugin settings change...

CVE-2022-32587 WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in CodeAndMore WP Page Widget plugin = 3.9 on WordPress leading to plugin settings change...