6 matches found
CVE-2025-53571 WordPress HAPPY plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.6...
PT-2025-36253
Name of the Vulnerable Software and Affected Versions: VillaTheme HAPPY versions n/a through 1.0.6 Description: A missing authorization issue exists in VillaTheme HAPPY, allowing exploitation due to incorrectly configured access control security levels. Recommendations: Update VillaTheme HAPPY to...
CVE-2025-49317 WordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in NTC WP Page Loading wp-page-loading allows Cross Site Request Forgery.This issue affects WP Page Loading: from n/a through = 1.0.6...
CVE-2024-55983
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PowerFormBuilder PowerFormBuilder power-forms-builder allows SQL Injection.This issue affects PowerFormBuilder: from n/a through = 1.0.6...
CVE-2024-2324
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers t...
PT-2024-23987 · WordPress · Easy Login Styler
Name of the Vulnerable Software and Affected Versions: Easy Login Styler – White Label Admin Login Page for WordPress versions 1.0.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as cross-site scripting. This allows for...