474 matches found
EUVD-2024-43384
Malicious code in bioql PyPI...
WordPress Custom Post Type Attachment plugin <= 3.4.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Custom Post Type Attachment versions = 3.4.6...
CVE-2025-60116
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.4...
WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bonds in WordPress Plugin Grand Conference Theme Custom Post Type versions 2.6.4...
CVE-2025-60116
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.4...
CVE-2025-60116
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.3...
CVE-2025-60116 WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.4...
CVE-2025-60116
CVE-2025-60116: Missing Authorization in Grand Conference Theme Custom Post Type (WordPress). Affected software: Grand Conference Theme Custom Post Type up to version 2.6.3. Root cause: incorrectly configured access control/security levels enabling unauthorized actions on the custom post type. Ex...
CVE-2025-60116 WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.4...
WordPress plugin Grand Conference Theme Custom Post Type security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
PT-2025-39563
Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Conference Theme Custom Post Type versions through 2.6.3 Description An authorization issue exists in the ThemeGoods Grand Conference Theme Custom Post Type. The problem stems from incorrectly configured access control securit...
CVE-2025-58255
Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...
CVE-2025-58255
Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...
WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Mika in WordPress Plugin Custom Post Type Images versions = 0.5...
CVE-2025-58255 WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...
CVE-2025-58255
CVE-2025-58255 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin Custom Post Type Images that allegedly enables Code Injection . The entry states affected versions are from n/a through 0.5 . Public metrics show a high-severity impact (CVSS 3.1/3.1: base score 9.6, CRITICAL, wi...
CVE-2025-58255 WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...
PT-2025-38918
Name of the Vulnerable Software and Affected Versions yonisink Custom Post Type Images versions through 0.5 Description A Cross-Site Request Forgery CSRF issue exists in yonisink Custom Post Type Images that can lead to Code Injection. The issue allows for potential code execution through crafted...
CVE-2025-28975
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redqteam Alike - WordPress Custom Post Comparison alike allows Reflected XSS.This issue affects Alike - WordPress Custom Post Comparison: from n/a through = 3.0.1...
CVE-2025-28975
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redqteam Alike - WordPress Custom Post Comparison alike allows Reflected XSS.This issue affects Alike - WordPress Custom Post Comparison: from n/a through = 3.0.1...