EUVD-2025-60959

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

WordPress plugin Authors List 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Authors List, which stem...

WordPress plugin Authors List 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2024-13806 Authors List <= 2.0.6 - Unauthenticated Arbitrary Shortcode Execution

The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

PT-2025-9162 · WordPress · Authors List

Name of the Vulnerable Software and Affected Versions: The Authors List plugin for WordPress versions up to and including 2.0.6 Description: The issue arises from the software's failure to properly validate a value before executing the do shortcode action, allowing unauthenticated attackers to...

WordPress Authors List plugin <= 2.0.6 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by abrahack in WordPress Plugin Authors List versions = 2.0.6...

CVE-2024-10952

CVE-2024-10952 affects the WordPress Authors List plugin (versions up to 2.0.4). The vulnerability allows unauthenticated attackers to execute arbitrary shortcodes via update_authors_list_ajax, because the action does not validate the value before running do_shortcode. Impact is unauthenticated s...

CVE-2023-37981

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPKube Authors List plugin = 2.0.2 versions...

CVE-2023-37981 WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPKube Authors List plugin = 2.0.2 versions...

CVE-2023-37981

CVE-2023-37981 concerns the WordPress Authors List plugin (versions

WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Authors List Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-37981 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 38312864f014 Credits LEE SE HYOUNG hackintoanetwork...