2195 matches found
CVE-2026-24625
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2025-68838
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through = 1.1.4...
CVE-2026-24625
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2026-24625
CVE-2026-24625 describes a Missing Authorization flaw in Imaginate Solutions File Uploads Addon for WooCommerce (woo-addon-uploads) affecting versions up to and including 1.7.3. Public records from NVD/Red Hat/CVE listing confirm the issue is a broken access control vulnerability with a stated im...
CVE-2026-24625
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2026-24625 WordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2026-24625 WordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2026-24605 WordPress X Addons for Elementor plugin <= 1.0.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects X Addons for Elementor: from n/a through = 1.0.23...
PT-2026-4429
Name of the Vulnerable Software and Affected Versions Livemesh Addons for WPBakery Page Builder versions through 3.9.4 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Stored Cross-site Scripting XSS. This means that malicious...
WordPress plugin Zoho CRM Lead Magnet has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...
PT-2026-4456
Name of the Vulnerable Software and Affected Versions Imaginate Solutions File Uploads Addon for WooCommerce versions through 1.7.3 Description The File Uploads Addon for WooCommerce contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorize...
CVE-2026-24377
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2025-68838
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through = 1.1.4...
CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2025-68838
CVE-2025-68838 – Reflected XSS in the ExpressTechSoftwares MemberPress Discord Addon (WordPress plugin: expresstechsoftwares-memberpress-discord-add-on) affecting versions up to and including 1.1.4. Attack vector is via improper input neutralization during web page generation, enabling reflected ...
CVE-2025-68838 WordPress MemberPress Discord Addon plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through = 1.1.4...
CVE-2025-68838 WordPress MemberPress Discord Addon plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through = 1.1.4...
CVE-2025-68838
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through = 1.1.4...
PT-2026-4084
Name of the Vulnerable Software and Affected Versions MemberPress Discord Addon versions through 1.1.4 Description The MemberPress Discord Addon contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting XSS. This issue could...
WordPress plugin MemberPress Discord Addon: Cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...