CVE-2026-32343 WordPress Easy Table of Contents plugin <= 2.0.80 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Magazine3 Easy Table of Contents easy-table-of-contents allows Cross Site Request Forgery.This issue affects Easy Table of Contents: from n/a through = 2.0.80...

WordPress plugin Easy Table of Contents 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2025-13738 Easy Table of Contents <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ez-toc shortcode in all versions up to, and including, 2.0.78 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-25469

Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2...

EUVD-2023-29424

Malicious code in bioql PyPI...

CVE-2024-7082

The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

CVE-2024-5573

The Easy Table of Contents WordPress plugin before 2.0.66 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2023-25469

Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2...

CVE-2023-25469 WordPress Easy Table of Contents plugin <= 2.0.45.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2...

CVE-2023-25469

CVE-2023-25469 is a WordPress plugin vulnerability in Easy Table of Contents (versions

WordPress easy-table-of-contents plugin < 2.0.68 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Easy Table of Contents versions 2.0.68...

CVE-2024-7082

The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

CVE-2024-7082 easy-table-of-contents < 2.0.68 - Editor+ Stored XSS

The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

WordPress Easy Table of Contents Plugin < 2.0.68 is vulnerable to Cross Site Scripting (XSS)

Software Easy Table of Contents Type Plugin Vulnerable versions 2.0.68 Fixed in 2.0.68 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7082 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d82cde2e0050 Credits Dmitrii Ignatyev...

WordPress Easy Table of Contents plugin < 2.0.67 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Easy Table of Contents versions 2.0.67...

CVE-2024-6334

The Easy Table of Contents WordPress plugin before 2.0.67.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2024-6334

CVE-2024-6334 affects the Easy Table of Contents WordPress plugin. Vulnerable up to version 2.0.67.0 (before 2.0.67.1) where certain settings aren’t sanitised/escaped, enabling a stored XSS for high-privilege users (e.g., editors) even when unfiltered_html is disallowed. Impact per connected docs...

CVE-2024-6334 Easy Table of Contents < 2.0.67 - Editor+ Stored XSS

The Easy Table of Contents WordPress plugin before 2.0.67.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

WordPress Easy Table of Contents Plugin < 2.0.67 is vulnerable to Cross Site Scripting (XSS)

Software Easy Table of Contents Type Plugin Vulnerable versions 2.0.67 Fixed in 2.0.67.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6334 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cb1a71a30d2b Credits Dmitrii Ignatye...

WordPress Easy Table of Contents plugin < 2.0.66 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Easy Table of Contents versions 2.0.66...