CVE-2026-24614

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Devsbrain Flex QR Code Generator flex-qr-code-generator allows DOM-Based XSS.This issue affects Flex QR Code Generator: from n/a through = 1.2.10...

CVE-2026-24614

CVE-2026-24614 affects the WordPress plugin Flex QR Code Generator (flex-qr-code-generator). The vulnerability is a DOM-based XSS caused by improper neutralization during web page generation. Public references indicate impact on Flex QR Code Generator versions up to 1.2.8 (NVD/Red Hat) with Patch...

CVE-2026-24614 WordPress Flex QR Code Generator plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Devsbrain Flex QR Code Generator flex-qr-code-generator allows DOM-Based XSS.This issue affects Flex QR Code Generator: from n/a through = 1.2.10...

WordPress plugin Flex QR Code Generator has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Flex QR Code Generator plugin <= 1.2.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin Flex QR Code Generator versions = 1.2.7...

CVE-2025-12673 Flex QR Code Generator <= 1.2.7 - Unauthenticated Arbitrary File Upload

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the updateqrcode function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site...

WordPress plugin Flex QR Code Generator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

CVE-2025-10041

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesaveqrcodetodb function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2025-10041

The CVE-2025-10041 entry concerns the Flex QR Code Generator WordPress plugin. Affected versions include all up to and including 1.2.5, where missing file type validation in the save_qr_code_to_db() function allows unauthenticated arbitrary file uploads, potentially enabling remote code execution...

EUVD-2025-34561

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesaveqrcodetodb function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

WordPress Flex QR Code Generator plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by johska in WordPress Plugin Flex QR Code Generator versions = 1.2.5...