EUVD-2021-23477

Malware in sbrugna...

CVE-2025-2505

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

CVE-2025-2505

The CVE-2025-2505 entry concerns the WordPress Age Gate plugin, affected versions up to and including 3.5.3. A local PHP file inclusion via the lang parameter allows unauthenticated attackers to include and execute arbitrary PHP files on the server, potentially bypassing access controls and expos...

CVE-2025-2505 Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

CVE-2025-2505 Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

WordPress Age Gate plugin <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang' vulnerability

Unauthenticated Local PHP File Inclusion via 'lang' vulnerability discovered by mikemyers in WordPress Plugin Age Gate versions = 3.5.3...

WordPress Age Gate plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. WordPress Age Gate plugin 2.1.70 and earlier versions are vulnerable to a cross-site scripting vulnerability...

CVE-2021-36901

Unauthenticated Stored Cross-Site Scripting XSS vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress...

CVE-2021-36901

Unauthenticated Stored Cross-Site Scripting XSS vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress...

CVE-2021-36901 WordPress Age Gate plugin <= 2.17.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress...

CVE-2021-36901 WordPress Age Gate plugin <= 2.17.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress...

WordPress plugin Age Gate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. WordPress Age Gate plugin 2.1.70 and earlier versions are vulnerable to a cross-site scripting vulnerability...

Age Gate < 2.20.4 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC With the "Age Gate User Registration" addon installed: https://example.com/wp-admin/admin.php?page=age-gate" With any addon installed:...

VulnCheck KEV: CVE-2021-36901

Unauthenticated Stored Cross-Site Scripting XSS vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress...

WordPress Age Gate plugin <= 2.16.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Martin Vierula Trustwave in WordPress Age Gate plugin versions = 2.16.3. Solution Update the WordPress Age Gate plugin to the latest available version at least 2.16.4...

Age Gate < 2.16.4 - Authenticated Stored Cross-Site Scripting

The plugin does not sanitise and escape the 'Additional content' setting of its 'Messaging' page, which could allow users having access to such setting by default admin, but the plugin has a feature to change this and allow access to lower privileged users to perform Cross-Site Scripting attacks...

WordPress WordPress Age Gate plugin <= 2.13.4 - URL Redirection to Untrusted Site ('Open Redirect') vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability found by Ilca Lucian Florin in WordPress WordPress Age Gate plugin versions = 2.13.4. Solution 2020-11-30 - we were unable to find a patched version of this plugin...