4 matches found
CVE-2025-11755
The CVE-2025-11755 entry concerns the WP Delicious – Recipe Plugin for WordPress (formerly Delicious Recipes) with vulnerable CSV import handling up to version 1.9.0. Connected sources confirm an Authenticated (Contributor+) Arbitrary File Upload flaw: an attacker with low privileges can supply a...
CVE-2025-11755 Delicious Recipes <= 1.9.0 - Authenticated (Contributor+) Arbitrary File Upload
The WP Delicious – Recipe Plugin for Food Bloggers formerly Delicious Recipes plugin for WordPress is vulnerable to arbitrary file uploads when importing recipes via CSV in all versions up to, and including, 1.9.0. This flaw allows an attacker with at least Contributor-level permissions to upload...
CVE-2025-11755 Delicious Recipes <= 1.9.0 - Authenticated (Contributor+) Arbitrary File Upload
The WP Delicious – Recipe Plugin for Food Bloggers formerly Delicious Recipes plugin for WordPress is vulnerable to arbitrary file uploads when importing recipes via CSV in all versions up to, and including, 1.9.0. This flaw allows an attacker with at least Contributor-level permissions to upload...
CVE-2024-43935
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affects Delicious Recipes – WordPress Recipe Plugin: from n/a through 1.6.7...