CVE-2026-4138

The DX Unanswered Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7. This is due to missing nonce validation on the plugin's settings form in the dxuc-unanswered-comments-admin-page.php file. This makes it possible for...

CVE-2026-4138

The CVE-2026-4138 entry concerns the DX Unanswered Comments plugin for WordPress (versions up to 1.7). A Cross-Site Request Forgery vulnerability arises from missing nonce validation on the plugin’s settings form (dxuc-unanswered-comments-admin-page.php), enabling unauthenticated attackers to mod...

CVE-2026-4138 DX Unanswered Comments <= 1.7 - Cross-Site Request Forgery via Settings Update

The DX Unanswered Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7. This is due to missing nonce validation on the plugin's settings form in the dxuc-unanswered-comments-admin-page.php file. This makes it possible for...

CVE-2026-4138

The DX Unanswered Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7. This is due to missing nonce validation on the plugin's settings form in the dxuc-unanswered-comments-admin-page.php file. This makes it possible for...

WordPress Plugin Authors List Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Authors List, which stem...

CVE-2025-12010

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

EUVD-2025-60959

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

CVE-2025-12010

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

CVE-2025-12010

CVE-2025-12010 – Authors List plugin (WordPress) Vulnerability: Authenticated (Contributor+) users can trigger a limited method call in the Authors_List_Shortcode class to perform sensitive information exposure, extracting data such as password hashes, email addresses, usernames, and activation k...

CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

WordPress Authors List plugin <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in plugin's Shortcode vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Limited Method Call in plugin's Shortcode vulnerability discovered by kai in WordPress Plugin Authors List versions = 2.0.6.1...

PT-2025-46271

Name of the Vulnerable Software and Affected Versions Authors List plugin for WordPress versions prior to 2.0.6.2 Description The Authors List plugin for WordPress is susceptible to sensitive information exposure. Authenticated attackers with Contributor-level access or higher can exploit this...

WordPress plugin Authors List 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Authors List, which stem...

EUVD-2023-41808

Malicious code in bioql PyPI...

EUVD-2025-26985

Malicious code in bioql PyPI...

CVE-2025-58792

Cross-Site Request Forgery CSRF vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through = 2.0.6.2...

CVE-2025-58792

Cross-Site Request Forgery CSRF vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through = 2.0.6.2...

CVE-2025-58792

CVE-2025-58792 is a CSRF vulnerability in the WordPress Authors List plugin that affects versions up to 2.0.6.1. The issue can allow unauthorized actions to be performed on behalf of an authenticated user. Public references indicate exploitation potential via CSRF, with CVSS 3.1 base score 4.3 (M...

CVE-2025-58792 WordPress Authors List plugin <= 2.0.6.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through = 2.0.6.2...