CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

PT-2025-1861 · WordPress · Post Duplicator

Name of the Vulnerable Software and Affected Versions: Post Duplicator plugin for WordPress version 2.36 and earlier Description: The issue is related to Information Exposure due to insufficient restrictions on which posts can be duplicated, making it possible for authenticated attackers with...

PT-2024-17411 · WordPress · Advanced Floating Content

Name of the Vulnerable Software and Affected Versions: Advanced Floating Content plugin for WordPress versions up to, and including, 3.8.2 Description: The issue arises from insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query in the...

PT-2024-17655 · WordPress · Button Block

Name of the Vulnerable Software and Affected Versions: Button Block plugin for WordPress versions up to, and including, 1.1.5 Description: The issue allows authenticated attackers with Contributor-level access and above to extract potentially sensitive data from draft, scheduled, private, and...

PT-2024-38814 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress versions up to, and including, 3.0.8 Description: The issue allows authenticated attackers with Contributor-level access and above to duplicate posts written by other authors,...

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...